Detecting APT attack campaign on important national infrastructure on Tet holiday

Recently, hackers' intentional attack (APT) campaign for the purpose of stealing important information aimed at bank information systems and hosting the national important infrastructure information system was discovered by Vietnam Computer Emergency Response Center (VNCERT) under the Ministry of Information and Communications.

According to VNCERT, hackers have learned thoroughly about the attacker before making these targeted attacks. To bypass the information security protection system of the information systems of the bank and organize the management of important national infrastructure information system, hackers have carried out fraud and fraudulent procedures. with high technical measures. This makes attacks more difficult to detect, helping hackers maintain control of the information system.

The main purpose of hackers is to gain user control, then through it to attack internal computer systems to steal important information.

In the evening of January 31, 2019, VNCERT Center issued an order to regulate the fire, requiring nearly 200 member units of the National Emergency Response Network to implement measures to promptly detect and prevent war. translated on.

Specifically, the network member units are recommended to monitor and prevent connection to C&C servers with the following domain names and IP addresses:

Dangerous malicious files and folders can steal information and destroy information systems with corresponding signs to be removed, including:

See more:

1. Strange ransomware detection only attacks the rich
2. Warning: New extortion code GandCrab is attacking Vietnamese Internet users
3. 'Scoring' tool to prevent network attacks for free