Vietnamese Activists Targeted with Malware

According to Google, during the last many months, there has been a tremendous use of politically motivated malicious software to monitor the computers of Vietnamese users as well as to hack into the blogs of activists. The attacks associated with the Vietnamese bot network attempted at silencing protests against bauxite mining inside Vietnam, a significant and sensitive issue charging the nation.

The botnet's C&C (command-and-control) servers utilized a few of the Web domains that were also used in the Chinese attacks against Google during January 2010. However, McAfee, the security vendor, holds the opinion that the Vietnamese bot network isn't involved. According to it, a few files previously understood to have a connection with the Google assaults in fact had a connection with the said Vietnamese bot.

Reportedly, the Vietnamese malicious program started proliferating during late 2009. At that time, hackers invaded the website operated by the Vietnamese Professionals Society, and installed a malicious Trojan program in place of keyboard language software offered by the website to download.

According to Neel Mehta, member of Google Security Team, numerous Web-surfers who downloaded the Vietnamese keyboard driver became infected with the Trojan, which compromised PCs and monitored their users' activities According to the news published by BusinessWeek on March 30, 2010.

Mehta added that although the malicious Trojan wasn't particularly sophisticated, yet it helped in causing damage.

Commenting on this, George Kurtz, CTO of McAfee, said that his firm believed the hackers possibly had political motivations while having an adherence with the Socialist Republic of Vietnam's government, as per the news published by PCWorld on March 31, 2010.

Experts said that users can lessen the danger from the malware if they remain vigilant about the attack. A few anti-virus agencies, in the meantime, have brought in signature solutions capable of detecting the Trojan. Therefore, the researchers recommend certain measures for users to adopt especially if they've become infected with the malware. That is, they must regularly scan their computers with anti-spyware and anti-virus software from authentic purveyors. Further, they must install all operating system and Web-browser updates for making sure that only the most recent editions are in place, the researchers said.

Related article: Vietnam – Nearly 4,000 New Computer Viruses Detected in October 2008

» SPAMfighter News - 4/8/2010