Facebook tracks hackers to HCM City

Cybersecurity investigators at Facebook have traced a hacking group long suspected of spying on behalf of the Vietnamese government to an IT company in Ho Chi Minh City.

Yesterday’s announcement was the first time Facebook has publicly exposed an offensive hacking operation and, if confirmed, would be a rare case of suspected state-backed cyberspies being tracked to a specific organisation.

The hackers, known as OceanLotus or APT32, have been accused for years of spying on political dissidents, businesses and foreign officials.

Facebook said it had found links between cyberattacks previously attributed to OceanLotus and a Vietnamese company called CyberOne Group, which lists an address on a sidestreet in a commercial district of Ho Chi Minh City.

CyberOne Group denied being connected to the hackers.

“We are NOT Ocean Lotus. It’s a mistake, ” a person operating the company’s now-suspended Facebook page said when contacted.

Vietnam’s Foreign Ministry, which handles enquiries from international media, did not immediately respond to a request for comment. The ministry has previously denied connections to OceanLotus attacks.

Facebook said the hackers had used its platforms to carry out a range of cyberattacks, some of which employed fake accounts to trick targets by posing as activists, businesses and possible love interests.

Facebook’s head of cybersecurity policy Nathaniel Gleicher said his team had found technical evidence that linked CyberOne’s Facebook page to accounts used in the hacking campaign, as well as to other OceanLotus attacks.

He declined to detail the exact evidence, saying to do so would make the group more difficult to track in the future.

But he said it included online infrastructure, malicious code, and other hacking tools and techniques.

Ben Read, a senior manager at cybersecurity firm FireEye, said OceanLotus had been active since at least 2013 and had “all the hallmarks of a substantial state-backed organisation acting in support of Vietnamese government”.

In Vietnam, Facebook is navigating a standoff with government officials who have threatened to ban it if it does not agree to censorship demands.

It was reported in April that Facebook had complied with a government request to increase its censorship of “anti-state” posts after its servers in Vietnam were taken offline, slowing traffic there to a crawl. — Reuters

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3

Did you find this article insightful?


Next In Aseanplus News

Asia markets tumble as rate hike fears take hold
Seoul may elect first female mayor as scandal stirs President Moon's party
Asean News Headlines as at 7pm on Thursday (Feb 25) Asean News Headlines as at 7pm Thursday (Feb 25)
Court suspends construction contract of Malaysian firm for Thai-Chinese railway
Russian diplomats push their way home with handcar out of N. Korea
China state media says Biden's early policy 'smacks of Trumpism'
A million people have registered for Covid-19 vaccine via MySejahtera, says Khairy
Thai PM says meeting with Myanmar's military envoy not 'endorsement'
Britain imposes more sanctions as Myanmar sees fresh clashes
Govt to protect maids against ‘evil’

Stories You'll Enjoy