Vulcanbot

Last updated

Vulcanbot is the name of a Trojan botnet predominantly spread in Vietnam, apparently with political motives. It is thought to have started spreading in late 2009.

The botnet began to spread after the website of the Vietnamese Professionals Society (vps.org) was hacked and the legitimate Vietnamese keyboard driver VPSKeys hosted on the site was replaced with a backdoored version. Google posted on its blog that it believed the botnet thus created was used predominantly to DDoS bloggers critical of the bauxite mining in Vietnam, thus making it a politically motivated attack. McAfee compared it to Operation Aurora, which was also active in 2009, but found it to be unrelated. [1] Approximately 15,000 computers were infected. Since the government of Vietnam was also seeking to suppress criticism in 2010, it was suggested that it was government-backed. [2]

Related Research Articles

Demographics of Vietnam

This article is about the demographic features of the population of Vietnam, including population density, ethnicity, education level, health of the populace, economic status, religious affiliations and other aspects of the population.

Denial-of-service attack Cyber attack disrupting service by overloading the provider of the service

In computing, a denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

Timeline of computer viruses and worms computer malware timeline

This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.

Vietnam Country in Southeast Asia

Vietnam, officially the Socialist Republic of Vietnam, is a country in Southeast Asia. Located at the eastern edge of mainland Southeast Asia, it covers 311,699 square kilometres. With a population of over 96 million, it is the world's fifteenth-most populous country. Vietnam borders China to the north, Laos and Cambodia to the west, and shares maritime borders with Thailand through the Gulf of Thailand, and the Philippines, Indonesia, and Malaysia through the South China Sea. Its capital is Hanoi and its largest city is Ho Chi Minh City (Saigon).

Vietnamese Americans are Americans of Vietnamese ancestry. They make up about half of all overseas Vietnamese and are the fourth-largest Asian American ethnic group after Chinese Americans, Filipino Americans, and Indian Americans. There are 2.2 million people of Vietnamese descent residing in the U.S.

Linux malware includes viruses, Trojans, worms and other types of malware that affect the Linux operating system. Linux, Unix and other Unix-like computer operating systems are generally regarded as very well-protected against, but not immune to, computer viruses.

Bagle was a mass-mailing computer worm affecting Microsoft Windows. The first strain, Bagle.A, did not propagate widely. A second variant, Bagle.B, was considerably more virulent.

Zombie (computing) Network connected computer that has been compromised and is used for malicious task without the owner being aware of it

In computing, a zombie is a computer connected to the Internet that has been compromised by a hacker via a computer virus, computer worm, or trojan horse program and can be used to perform malicious tasks under the remote direction of the hacker. Zombie computers often coordinate together in a botnet controlled by the hacker, and are used for activities such as spreading e-mail spam and launching distributed denial-of-service attacks against web servers. Most victims are unaware that their computers have become zombies. The concept is similar to the zombie of Haitian Voodoo folklore, which refers to a corpse resurrected by a sorcerer via magic and is enslaved to the sorcerer's commands, having no free will of its own. A coordinated DDoS attack by multiple botnet machines also resembles a "zombie horde attack", as depicted in fictional zombie films.

Botnet Collection of compromised internet-connected devices controlled by a third party

A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation.

VPSKeys is a freeware input method editor developed and distributed by the Vietnamese Professionals Society (VPS). One of the first input method editors for Vietnamese, it allows users to add accent marks to Vietnamese text on computers running Microsoft Windows. The first version of VPSKeys, supporting Windows 3.1, was released in 1993. The most recent version is 4.3, released in October 2007.

Việt Tân Political reform organization

The Vietnam Reform Revolutionary Party or the Việt Tân is a network of members inside Vietnam and around the world, that aims to establish liberal democracy and reform Vietnam through peaceful and political means.

Torpig, also known as Anserin or Sinowal is a type of botnet spread through systems compromised by the Mebroot rootkit by a variety of trojan horses for the purpose of collecting sensitive personal and corporate data such as bank account and credit card information. It targets computers that use Microsoft Windows, recruiting a network of zombies for the botnet. Torpig circumvents antivirus software through the use of rootkit technology and scans the infected system for credentials, accounts and passwords as well as potentially allowing attackers full access to the computer. It is also purportedly capable of modifying data on the computer, and can perform man-in-the-browser attacks.

Storm botnet Computer botnet

The Storm botnet or Storm worm botnet is a remotely controlled network of "zombie" computers that have been linked by the Storm Worm, a Trojan horse spread through e-mail spam. At its height in September 2007, the Storm botnet was running on anywhere from 1 million to 50 million computer systems, and accounted for 8% of all malware on Microsoft Windows computers. It was first identified around January 2007, having been distributed by email with subjects such as "230 dead as storm batters Europe," giving it its well-known name. The botnet began to decline in late 2007, and by mid-2008 had been reduced to infecting about 85,000 computers, far less than it had infected a year earlier.

Internet censorship in Vietnam prevents access to websites critical of the Vietnamese government, expatriate political parties, and international human rights organizations, among others or anything the Vietnamese government does not agree with. Online police reportedly monitor Internet cafes and cyber dissidents have been imprisoned. Vietnam regulates its citizens' Internet access using both legal and technical means. The government's efforts to regulate, monitor, and provide oversight regarding Internet use has been referred to as a "Bamboo Firewall". However, citizens can usually view, comment and express their opinions civilly on the internet, as long as it does not evoke anti-government movement, political coup and disrupt the social stability of the country.

Srizbi BotNet is considered one of the world's largest botnets, and responsible for sending out more than half of all the spam being sent by all the major botnets combined. The botnets consist of computers infected by the Srizbi trojan, which sent spam on command. Srizbi suffered a massive setback in November 2008 when hosting provider Janka Cartel was taken down; global spam volumes reduced up to 93% as a result of this action.

Bauxite mining in Vietnam

According to the United States Geological Survey, Vietnam is estimated to hold the world's third-largest bauxite ore reserves, after Guinea and Australia. The majority of Vietnam's reserves are located in the Central Highlands and have only been minimally mined. Bauxite is typically strip mined and is used to produce aluminum. According to estimates by Vietnam's Ministry of Industry and Trade, Vietnam's reserves in the Central Highlands amount to 5.4 billion tons. Despite its large reserves, Vietnam produces only 30,000 tons of bauxite per year.

Avalanche was a criminal syndicate involved in phishing attacks, online bank fraud, and ransomware. The name also refers to the network of owned, rented, and compromised systems used to carry out that activity. Avalanche only infected computers running the Microsoft Windows operating system.

The Mariposa botnet, discovered December 2008, is a botnet mainly involved in cyberscamming and denial-of-service attacks. Before the botnet itself was dismantled on 23 December 2009, it consisted of up to 12 million unique IP addresses or up to 1 million individual zombie computers infected with the "Butterfly Bot", making it one of the largest known botnets.

The Asprox botnet, also known by its aliases Badsrc and Aseljo, is a botnet mostly involved in phishing scams and performing SQL injections into websites in order to spread malware. It is a highly infectious malware which spreads through an email or through a clone website. It can be used to trace any kind of personal or financial information and activities online.

Censorship in Vietnam is pervasive and is implemented by the Communist Party of Vietnam in relation to all kinds of media – the press, literature, works of art, music, television and the Internet. In its 2018 World Press Freedom Index, Reporters Without Borders ranked Vietnam as 175 out of 180 countries. Similarly, Freedom House's 2017 Freedom on the Net report classifies Vietnam as "not free" in relation to the Internet, with significant obstacles to access, limits on content and violations of user rights.

References

  1. "Google frets over Vietnam hacktivist botnet". The Register. 2010-03-31. Retrieved 2018-02-13.
  2. Lolita C. Baldor (2010-10-28). "Computer attack hits dissidents in Vietnam". Boston.com. AP. Retrieved 2018-02-13.