VietNamNet Bridge – Representatives of PAvietnam said over half of the domain names that were deactivated in the morning on July 29 are operational again. However, many clients still can’t contact PAvietnam.

Most of the recovered websites bear international domain names .com, .net, .infor, etc., not national domain names like .vn, .com.vn.

PAvietnam is trying to contact its parent company, Enom in the US, to take back three significant domain names that it lost, .net., .com, dotvndns.com. The homepage of PA was temporarily locked for checking. PAvietnam has asked the police, the HCM City Department of Information and Communications and the Vietnam Computer Emergency Response Team to deal with this case.

PAvietnam said around over 2,000 websites were affected by the incident, which started on July 27.

Huynh Viet Phuong, Director of PAVietnam, said this incident occurred because the domain name system (DNS) couldn’t analyse IP so email and websites couldn’t run, but data is safe. The owners of the websites that are still being hacked can fix their pages by logging into the domain administration page to put in their IP address, instead of logging in via the domain name system (DNS) server.

Tran Quoc Trung, Director of Mai Nguyen Mobile Technology Company, the owner of muabandtdd.com, said his website also uses DNS service of PAVietnam and because of the hacking, connections to muabandtdd.com and raovatdtdd.com were redirected to beyeu.vn, but the websites had returned to operating normally.

Connections to an online market, 5giay.com, were also redirected to Yahoo and Google but Internet users currently can access this website via a sub-domain name provided by PAVietnam. However, the number of visitors to this website has fallen by one-sixth compared to before.

Many clients of PAVietnam are not as lucky as 5giay.com or raovatdtdd.com because they haven’t been able to contact PAVietnam to fix their problems.

The manager of a company which has two domain names at PAVietnam said his website was hacked and nearly hundreds of employees haven’t been able to work since late last week because the firm hasn’t been able to contact PAvietnam.

On some online forums, some people say they are clients of PAvietnam and are disappointed with this firm’s service because they couldn’t reach the service provider when the incident happened.

According to experts, in principle, DNS servers of .vn domain name service providers must use .vn domain name to ensure security but PAvietnam uses international domain names .com and .net, which enables hackers to steal passwords.

Tran Minh Tan, Deputy Director of the Vietnam Network Information Centre, said the centre has warned businesses not to use overseas DNS servers because the centre can’t intervene, as in the case of PAvietnam.

Tan said after this case, the centre will tighten regulations on domain name service providers by forcing them to use .vn domain name for their official websites and DNS server with .vn domain name to provide services for clients.

After sneaking into the domain server, the hackers changed the password, according to Nguyen Tu Quang, director of Bach Khoa Internet Securities Center. Later, they changed its international server from Encom.com to onlinenic.com and set the administration function for this new server. The IP hosting address of PA Vietnam was changed to 74.200.202.215.
The hacking was done by residents of Vietnam, Quang said. The hackers changed codes to redirect users to receive Vietnamese websites, but not international websites.

After repairing the server, the network engineers recognised that only the domain names which end with generic top-level domain extensions were being hacked, not those that end with “.vn,” the country code top-level domain extension.
Small- and medium-size enterprises should use “.vn” domain names as these domain names are protected by Vietnamese law and by the Vietnam Internet Network Information Centre, Quang said. If these sites are hacked, the centre can immediately resolve the issue because the hosting server is located in Vietnam.
Larger enterprises can use generic domain names, but they need to pay more attention to network security.