-F1, Vietnam Today

Vietnamese hackers target EFF staffers, journalist in phishing attack

ARS Technica
20/01/2014

Malware part of a campaign to spy on, silence bloggers and other critics.

January 20, 2014

by Sean Gallagher

The Electronic Frontier Foundation has published details of an attempted malware attack on two of its employees by a group of hackers associated with the Vietnamese government. The hacker group, known as Sinh Tử Lệnh, has targeted Vietnamese dissidents and bloggers in the past; it now appears that the campaign has been extended to attacks on US activists and journalists who publish information seen as critical of the Vietnamese government.

The Vietnamese government has gone after bloggers in its own country before, and as of last year it had jailed 18 independent journalists—bloggers being the only journalists in the country not affiliated with state-run media. And since 2009, the hacker group has taken that campaign beyond Vietnam’s borders, targeting members of the Vietnamese diaspora critical of the Hanoi regime.

In December, two staff members of the EFF received e-mails from someone claiming to be from Oxfam International, inviting them to “Asia Conference.” The e-mail, from a Gmail address for “Andrew Oxfam,” appeared to have been sent to a list and included links to two documents that appeared to be information on the conference shared over Google Drive.

But both links were actually to the same HTML application—one that wrote a Microsoft Word document and a Windows executable onto the users’ local drive. When either file was opened, the dropped package installed some malware and made changes to the Windows registry. One of the installed files is integrated into the Windows user shell (explorer.exe) and starts an outbound Internet connection (using port 443) to start communicating with a command-and-control server.

The same malware was sent to an AP reporter in November, disguised as a Vietnam human rights white paper. Similar malware has also been used against Vietnamese dissident bloggers, including a prominent Vietnamese pro-democracy blogger in California whose blog login and personal information were exposed. “It appears that a single blog post is enough to make you a target for Vietnamese spying,” EFF Global Policy Analyst Eva Galperin and University of Toronto Citizen Lab security researcher Morgan Marquis-Boire wrote in their post on the attack.

Source: ARS Technica

LATEST ARTICLES

Vietnam: A Half Century Of Backwardness And The Path Forward

Viet Tan February 23, 2025

Half a century after the war and following three decades of integration, Vietnam has seen economic growth but our overall development remains behind the advanced countries in the region. Without sustainable and comprehensive development, Vietnam is at risk of falling further behind.

Internet Freedom Campaign

Viet Tan February 20, 2025

Vital to Vietnam’s development, the Internet has the power to transform Vietnamese society; in many ways it already has. In the absence of an independent media, citizens have turned to the Internet to follow the news and debate national issues.

Fleeing My Homeland but Unable to Escape Repression !

Nguyen Van Trang February 18, 2025

My name is Nguyễn Văn Tráng, a human rights defenderwanted by the Vietnamese government. As a democracy activist in Vietnam, I spent five years living in constant fear of being hunted down. I thought that fear would subside once I fled the country. I believed I would be safe—or at least safer. But I was wrong.

Chris MacLeod pays tribute to Y Brec Bya

Chris MacLeod December 16, 2024

Y Krec has exhibited personal bravery in the face of horrific persecution. Not just against himself but against his community. He has been jailed multiple times simply for practicing his faith outside of government control.

With members inside Vietnam and around the world,
Viet Tan aims to establish democracy
and reform the country through peaceful means.

© Copyright 2018 | Viet Tan