Discovering a large-scale APT attack into Vietnam, users need to quickly download the malicious tool

Recently, the Department of Information Security has discovered a large-scale targeted attack (APT) campaign taking place in Vietnam's cyberspace. The host of this attack is located outside of Vietnam. The objective of this APT attack campaign is to spread malicious code into the information systems of Government agencies and to the national important national information infrastructure system of our country.

This morning (October 30, 2019), the Department of Information Security issued an order to coordinate and rescue incidents to specialized IT units, agencies, organizations, enterprises, etc. removed malicious files of the targeted attack (APT) campaign.

Discovering a large-scale APT attack into Vietnam, users need to quickly download the malicious tool Picture 1

According to the Department of Information Security, this targeted attack campaign (APT) has now infected more than 400,000 IP addresses in Vietnam.

The agency also recommends that users urgently download this malicious code-checking and removal tool built and provided by the Department according to the link below.

 http://remove-apt.vnpt.vn/download/tools/incident-response-v1.0.exe 

For agencies, organizations, businesses and the Information Security Department, it is recommended that measures should be urgently implemented to monitor and monitor connections to malicious server control according to the list provided by the Information Security Department. summarize in the table below and instruct users, customers to download scanning tools, remove malicious code of APT campaign on ais.gov.vn, vncert.vn.

Discovering a large-scale APT attack into Vietnam, users need to quickly download the malicious tool Picture 2

Discovering a large-scale APT attack into Vietnam, users need to quickly download the malicious tool Picture 3

Discovering a large-scale APT attack into Vietnam, users need to quickly download the malicious tool Picture 4

The malicious code used by the hacker group during the large-scale APT attack was emphasized as particularly dangerous with more than 16 variants, so the Department of Information Security requested units to send a love report. infection and treatment results (if any) to the Department before November 5, 2019.

This malware is mainly spread by deceiving users into clicking the word (.doc) file attached to an email. The purpose of hackers is to steal information, mobilize infected computers into a computer network to attack DDoS on large systems, perform escalating attacks on critical information systems. .

According to experts' recommendations, to prevent the spread of malicious malware on purpose of APT's attacks, users should pay attention to:

1. Be careful when opening emails, especially 'strange' emails.
2. When suspecting mail has malware installed, never open the attachment.
3. It is necessary to quickly download and run APT's anti-malware scanning and removal tool at the website of the Information Security Department at ais.gov.vn.

New malware using web application has turned into a source of attack, very difficult to detect

Chinese hackers use fingerprints on glass to crack smartphones