A hacker claimed to have compromised the system of a Vietnamese bank and is demanding a US$100,000 ransom, otherwise they will reveal personal data of more than 275,000 customers stolen in the hack.
On Saturday night, customers visiting the website of the Co-operative Bank of Vietnam (Co-op Bank) at the address http://co-opbank.vn/ were greeted with an English message “Hacked by Sogo Nakamoto.”
The message claimed that the hacker has a full database of online banking users as well as the Web Host Manager (WHM) of the credit institution.
The hacker threatened to release personal information for over 275,000 customers of the bank unless the lender pays a $100,000 ransom for its safe return.
Or the bank could choose to ransom 10,000 online banking accounts accepting ACH (automated clearing house) transfer with $10,000.
The payment should be made in cryptocurrencies such as Bitcoin or Bitcoin Cash.
Tran Dinh Quoc, a software security specialist in Hanoi, commented that “the information the hacker left means that the Co-op Bank website has been hacked, but the level of impact depends on the security system of the bank.”
“It is currently not possible to identify what kind of user data that the hacker mentioned include, and whether it is actually stolen,” Quoc said.
According to the expert, the Vietnam Co-operative Bank website employs WordPress, a free, open source content publishing system, which is popular in the world.
However, this system has long been reported many security-related issues.
The vulnerability that hacker exploited on the Co-op Bank website may have been xmlrpc.php, which has been warned for years, not to mention that the bank's WordPress version is not the latest, according to Quoc.
Another software security expert in Ho Chi Minh City assessed that “it is not professional for the website of a bank to use WordPress.”
According to the expert, hackers wanted to receive the ransom in Bitcoin or Bitcoin Cash to ensure their anonymity as this payment method does not require the identity of recipients.
Addressing the issue, Co-op Bank’s deputy CEO Nguyen Thac Tam told news website VnExpress that “the webpage that hackers attacked is only an extra page of the bank’s website, a mere information portal storing no customer database in general.”
“The important database of the bank is saved on another independent system. And currently, we also have yet to offer Internet Banking service,” the CEO added.
The website of Co-op Bank at http://co-opbank.vn/ returned to normal operation, with the hacker’s notice taken down, according to a test visit by Tuoi Tre News on Tuesday.