JavaScript is off. Please enable to view full site.

Website of Vietnam’s Co-opBank hit by hack, $100,000 ransom

Tuesday, October 16, 2018, 10:40 GMT+7
Website of Vietnam’s Co-opBank hit by hack, $100,000 ransom
A screenshot of the home page of Co-op Bank's website.

A hacker claimed to have compromised the system of a Vietnamese bank and is demanding a US$100,000 ransom, otherwise they will reveal personal data of more than 275,000 customers stolen in the hack.

On Saturday night, customers visiting the website of the Co-operative Bank of Vietnam (Co-op Bank) at the address http://co-opbank.vn/ were greeted with an English message “Hacked by Sogo Nakamoto.”

The message claimed that the hacker has a full database of online banking users as well as the Web Host Manager (WHM) of the credit institution.

The hacker threatened to release personal information for over 275,000 customers of the bank unless the lender pays a $100,000 ransom for its safe return.

Or the bank could choose to ransom 10,000 online banking accounts accepting ACH (automated clearing house) transfer with $10,000.

The payment should be made in cryptocurrencies such as Bitcoin or Bitcoin Cash.

Tran Dinh Quoc, a software security specialist in Hanoi, commented that “the information the hacker left means that the Co-op Bank website has been hacked, but the level of impact depends on the security system of the bank.”

“It is currently not possible to identify what kind of user data that the hacker mentioned include, and whether it is actually stolen,” Quoc said.

According to the expert, the Vietnam Co-operative Bank website employs WordPress, a free, open source content publishing system, which is popular in the world.

However, this system has long been reported many security-related issues.

The vulnerability that hacker exploited on the Co-op Bank website may have been xmlrpc.php, which has been warned for years, not to mention that the bank's WordPress version is not the latest, according to Quoc.

Another software security expert in Ho Chi Minh City assessed that “it is not professional for the website of a bank to use WordPress.”

According to the expert, hackers wanted to receive the ransom in Bitcoin or Bitcoin Cash to ensure their anonymity as this payment method does not require the identity of recipients.

Addressing the issue, Co-op Bank’s deputy CEO Nguyen Thac Tam told news website VnExpress that “the webpage that hackers attacked is only an extra page of the bank’s website, a mere information portal storing no customer database in general.”

“The important database of the bank is saved on another independent system. And currently, we also have yet to offer Internet Banking service,” the CEO added.

The website of Co-op Bank at http://co-opbank.vn/ returned to normal operation, with the hacker’s notice taken down, according to a test visit by Tuoi Tre News on Tuesday.

Like us on Facebook or follow us on Twitter to get the latest news about Vietnam!

Bao Anh / Tuoi Tre News

More

Read more

;

Photos

VIDEOS

Experience summer sand-boarding in Mui Ne

Sand-boarding, a popular activity amongst local children in the coastal tourism town of Mui Ne in south-central Vietnam, is attracting hundreds of tourists to the Red Sand Dunes

Young maple trees given better protection as Hanoi enters rainy season

The trees are currently growing well, with green leaves and healthy branches.

Hunting skinks for food in southern Vietnam

Skink meat is known to be soft, tasty, and highly nutritious.

Vietnamese-made app allows people to grow real veggies via smartphone

Nguyen Thi Duyen, a young engineer in Hanoi, developed the app and its related services to help busy people create their own veggie gardens.

Chinese tourists hit by Vietnamese over dine and dash

Four Chinese were reportedly injured, with one having a broken arm.

Latest news