Global cyber attack: Vietnam has had cases of malware infection

There is a global cyber attack going on. The Wanna Crypt0r ransomware has infected more than 100,000 computers in 74 countries around the world in just a few hours.

Exploiting the EthernalBlue vulnerability. (Source: Whitehat)

The latest announcement from Bkav Cyber ​​Security Company on the Whitehat forum shows that on Saturday morning (May 13), the company's virus monitoring system recorded several cases of malware infection in Vietnam.

Bkav experts also said that this number could continue to increase early next week because today is a holiday and many computers are not turned on.

Wanna Crypt0r attacks the victim's computer via email attachments or malicious links, like other ransomware strains. However, this malware has the added ability to infect peer-to-peer computers. Specifically, Wanna Crypt0r will scan all computers on the same network to find devices containing the EternalBlue vulnerability of the SMB service (on Windows operating systems). From there, the malware can spread to vulnerable computers without the user having to directly manipulate the attachment or malicious link.

Bkav experts said it has been a long time since a virus has spread widely over the Internet, combined with exploiting vulnerabilities to infect LANs. Similar viruses in the past were mainly used by hackers to "score points" and not to directly destroy or make money. Wanna Crypt0r can be classified as the most dangerous because it spreads quickly and is extremely destructive.

A figure released from Bkav's monitoring system in 2016 shows that up to 16% of circulating emails spread ransomware. Thus, for every 10 emails received, users will encounter 1.6 emails containing ransomware. The company as well as many other security experts predict that 2017 will witness an explosion of ransomware.

According to Mr. Vu Ngoc Son, Vice President in charge of Anti-malware at Bkav, the infection pattern of Wanna Cprypt0r malware is not new, but it shows that the trend of exploiting new vulnerabilities to attack and make money will be used more by hackers in the near future, especially operating system vulnerabilities.

Bkav also recommends that users update the patch as soon as possible and urgently back up important data on their computers.

In addition, users should open text files received from the Internet in the Safe Run isolated environment and install anti-virus software on their computers for automatic protection./.

According to Vietnam+