Global cyber attack: Vietnam has had cases of malware infection

There is a global cyber attack going on. The ransomware Wanna Crypt0r has infected more than 100,000 computers in 74 countries around the world in just a few hours.

Exploiting the EthernalBlue vulnerability. (Source: Whitehat)

The latest announcement from Bkav Cyber ​​Security Company on the Whitehat forum shows that on Saturday morning (May 13), the company's virus monitoring system recorded several cases of malware infection in Vietnam.

Bkav experts also said that this number could continue to increase early next week because today is a holiday and many computers are not turned on.

Wanna Crypt0r attacks victims' computers via email attachments or malicious links, like other ransomware strains. However, this malware has the added ability to infect peer-to-peer computers. Specifically, Wanna Crypt0r will scan all computers on the same network to find devices containing the EternalBlue vulnerability of the SMB service (on Windows operating systems). From there, the malware can spread to vulnerable computers without requiring users to directly interact with attachments or malicious links.

Bkav experts said that it has been a long time since a virus has spread widely over the Internet, combined with exploiting vulnerabilities to spread in LANs. Similar viruses in the past were mainly used by hackers to "score points" and not for direct destruction or money-making purposes. Wanna Crypt0r can be classified as the most dangerous because it spreads quickly and is highly destructive.

A figure released by Bkav's monitoring system in 2016 showed that up to 16% of the circulating emails spread ransomware. Thus, for every 10 emails received, users will encounter 1.6 emails containing ransomware. The company as well as many other security experts believe that 2017 will witness an explosion of ransomware.

According to Mr. Vu Ngoc Son, Vice President in charge of Anti-Malware at Bkav, the infection pattern of Wanna Cprypt0r malware is not new, but it shows that the trend of exploiting new vulnerabilities to attack and make money will continue to be used by hackers in the near future, especially operating system vulnerabilities.

Bkav also recommends that users update the patch as soon as possible and urgently back up important data on their computers.

In addition, users should open text files received from the Internet in the Safe Run isolation environment and install permanent anti-virus software on their computers for automatic protection./.

According to Vietnam+