Security Experts:

Connect with us

Hi, what are you looking for?



Notorious Vietnamese Hacker Turns Government Cyber Agent

At the height of his career, Vietnamese hacker Ngo Minh Hieu made a fortune stealing the personal data of hundreds of millions of Americans.

Now he has been recruited by his own authoritarian government to hunt, he says, the kind of cyber criminal he once used to be.

At the height of his career, Vietnamese hacker Ngo Minh Hieu made a fortune stealing the personal data of hundreds of millions of Americans.

Now he has been recruited by his own authoritarian government to hunt, he says, the kind of cyber criminal he once used to be.

After serving seven years in US prisons for stealing some 200 million Americans’ personal details, Hieu was sent back to Vietnam, which imposes some of the world’s strictest curbs on online freedom.

Hieu says he has since turned his back on his criminal past.

“I fell to the bottom, now I am trying to climb up again,” the 32-year-old told AFP. 

“Though I don’t earn much now, I have peace instead.”

His transformation, however, is complicated.

Hieu says his new job involves educating Vietnamese citizens about the dangers of the same sort of hacking he perpetrated.

But he is also working on cybersecurity for the government of a one-party state that cracks down ruthlessly on dissent, harassing and arresting people for posting critical opinions online.

‘More, more, more’

Nicknamed HieuPC when he was 12, Hieu was fascinated by computers as soon as he first laid hands on one.

But he was soon racking up $1,000 fines for stealing others’ internet connections for his own personal use.

He began hacking into foreign bank accounts, netting up to $600 a day in high school then using the money to study cybersecurity in New Zealand.

Hieu was forced to return home in 2010 after hacking his university and selling students’ personal information, and his illegal activities spiralled.

In his 20s, he made $100,000 a month hacking and selling some 200 million US social security numbers.

“I was on the top of success. I was over-proud of myself. I wanted more villas, more apartments, more luxurious cars,” Hieu said.

Then, in February 2013, he was lured to the United States in a sting operation and promptly arrested on landing.

‘Fallen to the bottom’ 

“I don’t know of any other cybercriminal who has caused more material financial harm to more Americans than Ngo,” Secret Service agent Matt O’Neill, who executed the plan to catch Hieu, told, a blog dedicated to cybersecurity.

Hieu was initially given a sentence of 45 years, later reduced to 13.

“I had fallen to the bottom, losing everything in my life,” Hieu said. “I thought of hanging myself.”

But he struggled through and was released in 2019, returning to Vietnam in 2020.

The former millionaire now lives in an average apartment in commercial capital Ho Chi Minh City and works at the state-owned National Cyber Security Centre.

“We’re focused on hunting criminals and thwarting cyberattacks,” he said, declining to comment on Vietnam’s increasingly repressive approach to online censorship.

A new cybersecurity law came into effect in 2019 that Amnesty International has warned grants the government “sweeping powers to limit online freedom” and target those who post opinions it dislikes.

The UN Human Rights Council in 2019 criticized the law for imposing “severe restrictions on freedom of expression and opinion”.

Activists and bloggers have been arrested, with some even jailed on charges of spreading propaganda against the state, and Amnesty warned last year that government-linked hackers were targeting rights activists.

Hieu insists that his work as a “threat hunter” is not political but focused on criminal hackers, tracking those who are trying to steal Vietnamese people’s data.

‘Hacking is like a knife’

Roughly 70 percent of Vietnam’s 98 million people use the internet, and cyber threats are rife.

A report by the International Institute for Strategic Studies quoted Microsoft data from 2020 showing Vietnam had the highest rate of ransomware attacks in the Asia-Pacific region.

Hieu travels the country speaking at schools and universities about the importance of cybersecurity, as well as the consequences of data being stolen.

While the government is pushing public awareness, Hieu said many Vietnamese had little understanding of cybercrime.

“Now I still hack, but I hack fraudulent webpages or try to understand data that blackhat hackers are trading online to trace them and find out who they are,” he said.

“Hacking is like a knife, which you may give to someone who wants to use it on something — bad or good.”

RelatedVietnamese Hackers Target Human Rights Defenders: Amnesty

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.