YM messages with content inviting to see pictures taken sneakily in Mai Phuong Thuy appear full of computer screens in the morning of October 6 ( Source: VNN )
According to initial research, this virus was distributed from free subdomains by a domain and hosting service provider at http.vn. Some recent internal viruses are regularly distributed via free subdomains like http.vn, vnn.bz , geocities.co .
An official of the National Computer Incident Response Center (VNCERT) said that after receiving information about this virus, VNCERT had an immediate response by sending an official dispatch to 6 major ISPs in Vietnam. requires an Internet address block containing a virus to prevent infection.
VNCERT also recommends that domain and hosting service providers should regularly control the content of pages using the service to prevent malicious code spreading towards the domestic Internet community.
VNCERT also said that after requesting Hanoi University of Technology's Network Security Center to verify and confirm that this new virus is capable of automatically deleting all Word files (.doc files) and Excel (.xls). ), VNCERT immediately implemented the above coordination activities with ISPs to prevent the spread of harm and recommends that users do not click on links attached to the content mentioned in the article.
According to statistics, there have been new links containing viruses every 2 weeks, even though BKIS has announced that 10 objects have been found to be the culprits for spreading internal viruses.
While the remedial measures have not proved effective, many people ask why Vietnamese authorities do not directly contact Yahoo service providers to take measures. Thorough prevention?
Answering this question, VNCERT representative said they had a plan to contact Yahoo to add more functions to YahooMessenger to automatically block links to spread viruses or for users to install additional blocking tools. can. However, the Yahoo side has not yet had official response information.
Even if we have a comprehensive solution, we still recommend users to raise their awareness of participating in online activities to minimize the risk of virus attacks.
VietNamNet has listed some new YM virus links that have appeared in about two weeks now (please note that readers do not try to access these links because there may still be viruses):
www.nuhondau.nhacvn.org
http://www.geocities.co.jp/thanatos18388
http://thptnguyengiathieu.com
http://www.stb.tsukuba-ac.jp/thuviennhacbn1/index.html
http://www33.websamba.com/xomnuocden/dungdedoi.html
http://kyniemmoitinh.com
http://members.lycos.co.uk/freesoftvn/audition1.txt
http://hoadongnoi.biz
http://66.98.138.31/~kfc/giaitri/thugian1ti.html
http://vnnnn.com
http://www33.websamba.com/xomnuocden/dungdedoi.html
http://quatangtraitim.us.tf
According to the latest information, the BKIS Center has updated the latest version of BKAV to be removed by the YM virus, implying the image of Mai Phuong Thuy. When running BKAV, you need to start Windows in Safe Mode.
The Phong