No clue about hackers of PAVietnam

[WhoNet]

No clue about hackers of PAVietnam
Tien Phong / 05/08/2008

VietNamNet Bridge – At least one more week is needed to find clues about the hackers that nabbed the domain names of PAVietnam, the largest domain name service provider in Vietnam, said a representative of a unit participating in hunting the hackers.

After the hack on PAVietnam on July 27, thousands of domain names registered with PAVietnam were locked for checking, affecting the businesses of thousands of clients.

The hackers still haven’t returned the expensive domain names of PAVietnam, such as pavietnam.com, pavietnam.net, dotvndns.com, 5giay.com, etc.

Their names have still not been discovered though many special agencies, including the Vietnam Computer Emergency Response Team (VNCERT), the Ministry of Information and Communications, the BKIS Network Security Centre, the HCM City Department of Information and Communications and the Anti-Hitech Crime Police Agency of the Ministry of Public Security, have joined forces to track them down.

Vu Ngoc Son, Chief of BKIS’ Virus Department, said BIKS will have clues in another week.

Experts have to localise their searches to find clues at PAVietnam and ENOM, one of the biggest domain name service providers in the world, which choose PAVietnam as its agent in Vietnam.

Is there any infiltrator in PAVietnam?

Some people suspect that there is an agent inside PAVietnam because the hackers had both reseller and email passwords of the owner and the time it took the hackers to transfer domain names from this domain name service provider (ENOM) to another one (Onlinelnc) was very short.

BKIS rejected the idea about there being people inside PAVietnam involved. Son said hackers didn’t need to have both passwords, only the reseller password to hack PAVietnam.

But how did the hackers get the reseller password without being discovered? Son explained that administrators log in everyday with a reseller password and can see thousands of domain names so it is very difficult to discover which domain names or emails lost the password.

But how could hackers get the reseller password?

This question has been being discussed by experts for the past week. However, some network security experts said ENOM might have some errors and the hackers attacked PAVietnam from ENOM.

While the hackers have still not been identified, experts say the hack didn’t cause heavy losses, just worries. However, the lesson from this case is Vietnamese clients should not register domain names abroad.

http://english.vietnamnet.vn/tech/2008/08/797302