New Computer Trojan Targeting Anti-Communist Vietnamese Bloggers

According to the researchers at the security firm, SecureWorks, a new family of the computer Trojan horse programs is being employed to suppress political opposition against the Vietnamese Communist Party.

According to SecureWorks, the computer Trojan named Vecebot is a new malware family and has been associated to denial of service (DDoS) attacks against bloggers who have posted critical comments against the ruling Communist Party and Chinese mining operations in the nation, as reported by ThreatPost on October 29, 2010.

According to the analysis, targets of the Vecebot botnet were estimated somewhere between 20,000-30,000 hosts. These hosts included some of the famous blogs and online forums of Vietnam. Further, as per the analysis, the launch of Vecebot might have been synchronized with the "Vietnam Blogger Day" on October 19, 2010, an online civil action to commemorate the launch of a blogger and political detainee who exploited the name Dieu Cay.

On the contrary, Cay was not released from the jail. SecureWorks wonders that the attacks on the anti-Communist party may be an effort to suppress potential criticism regarding his further detainment by the Vietnam government.

Commenting on the whole issue, Joe Stewart, Director of malware Research at SecureWorks Counter Threat Unit stated that, though employing a computer network to compromise websites is quite common, the recent attack is more specifically targeted than most, as reported by BusinessWeek on October 28, 2010. He further added that the strikes indicate that, there is an increasing trend to employ these attacks to propagate a political message, instead of extorting money, which has been done in rest of the world.

Stewart was pointing towards the politically provoked DDoS attacks that are being carried out by the 'Black Energy Botnet' against political websites in Brazil.

Finally, Stewart noted that, DDoS attacks and other types of cyber attacks into some of these similar anti-communist blogging websites and forums also cropped up during January - February 2010, as reported by darkreading on 29, October 2010. Those attacks were executed by a botnet called Vulcanbot, which was originally assumed to be a part of the Aurora attacks against Google, though this belief was rejected later on.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 11/8/2010