Warning: Detecting a campaign to spread malicious code GandCrab 5.2 into Vietnam via fake email of the Ministry of Public Security
Vietnam Computer Emergency Response Center (VNCERT) has sent a dispatch to member units informing that there is a campaign to distribute malicious code to extort GandCrab 5.2 into Vietnam and Southeast Asian countries. .
Today (March 15), the Vietnam Computer Emergency Response Center (VNCERT) has sent a dispatch to member units to announce that there is a campaign to distribute malicious code GandCrab 5.2. into Vietnam and Southeast Asian countries.
The campaign to spread malicious code GandCrab 5.2 when entering Vietnam spread via phishing email Vietnam Ministry of Public Security with the title 'Go in Vietnam' has attached the file 'documents.rar'.
TipsMake.com's email containing the malicious code GandCrab received.
.Rar file attached to the end of the email
For over a year, GandCrab extortion code has spread globally. GandCrab 5.2 is a new version of this dangerous extortion family.
VNCERT once discovered that version 1.0 and 2.0 of malicious code GandCrab attacked Vietnam in April 2018 and issued a command to coordinate requests of agencies, units and enterprises to prevent malicious server connection GandCrab. Currently, VNCERT is still supporting decoding GandCrab version 5.1 and earlier.
If the user opens the mail, unzip and open the malicious attachment that will be activated. It will encrypt the entire user's data and a new file will be generated and instruct the user to pay the ransom to decrypt the data. The ransom is paid via electronic currency and is priced from 400 USD - 1,000 USD.
Malware to extort GandCrab 5.2 is distributed via fake email of the Ministry of Public Security of Vietnam.(Photo: VNCERT).
In the new command of coordinated fire rescue coordination, VNCERT Center requires the management units to monitor and prevent connections to servers that control the extortion of GandCrab malicious code and update the systems. Protection systems such as IDS / IPS, Firewall . according to the identification information in the table below to prevent and prevent the attack of malicious code GandCrab 5.2 in Vietnam.
List of servers controlling GandCrab 5.2 extortion code and list of hash codes to monitor and prevent connections.
The dispatch also stated that if detected, it is necessary to quickly isolate the detected area / machine.
In order to prevent malicious code GandCrab 5.2, users need to improve their vigilance. Do not open and click links, .doc, .pdf, .zip, rar . attachments in emails sent from strangers or emails with strange titles sent from acquaintances. If detected or in doubt, please notify the system administration department.
You should read it
- Warning: GandCrab extortionist code is attacking Vietnam
- Warning: New extortion code GandCrab is attacking Vietnamese Internet users
- Warning: Dangerous new malicious code spills over to Vietnam
- The official GandCrab 5.2 decoder was released, ending a bad nightmare called GandCrab Ransomeware
- Lukitus Guide to preventing extortion malicious code
- Shade ransomware, the nightmare of 5 years ago is showing signs of returning
- GandCrab blackmail extinguished after earning $ 2.5 billion worldwide
- GIBON extortion code spread through spam
- How to handle the emergency WannaCry malicious code from the National Information Security Department
- Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype ...
- After WannaCry, Petya's 'extortion' malicious code is raging, this is a remedy to prevent
- Discover a new kind of malicious code that can record the phone call to extort money