Accordingly, the Authority of Information Security discovered a new APT attack from a server outside of Vietnam aiming at information systems in state offices and critical information infrastructure in the country.
Therefore, it immediately put in a request for all related organizations to strictly monitor connections to foreign servers that are releasing malware in order to timely stop these links. The Authority has already published a list of these servers.
All state offices, organizations, and businesses should instruct their customers or users to download the tool provided by the Authority in the web addresses of ais.gov.vn or vncert.vn to properly scan and kill this malware.
These organizations are also asked to send their report on infection status and handling processes to the Authority of Information Security before November 5.
According to the Deputy Head of this Authority, the attack comes from a well-organized foreign team, and the malware released this time is extremely dangerous. It has already attacked many state offices as well as individual users nationwide.
Until now, more than 400,000 IP addresses are identified as infected by the malware with its 16 versions. It mainly attacks victims via an attached MSWord document in an email.
Besides stealing victims’ sensitive information, the malware is able to use the infected computer to attack others, creating a network to form a Distributed Denial of Service (DDoS) attack to complicated and critical systems.
Therefore, network users are advised to carefully verify information before clicking any attached files sent along with emails at the moment. They are recommended to visit the formal website of the Authority of Information Security at ais.gov.vn to download a tool to scan and kill this serious malware.