Cybersecurity experts warn users to be careful of websites impersonating .gov.vn or .vn. because they pose a high risk of being hacked or scammed.
Recently, Vietnam National Cyber Security Technology Joint Stock Company (NSC) said it has received many requests for assistance from agencies and businesses regarding websites being attacked and having gambling and betting advertising codes inserted.
The danger is that these websites all use https, are certified "officially" by government agencies and large enterprises, but when clicking on the link, they redirect access to the website of an online betting and gambling organization.
According to Mr. Vu Ngoc Son - Technical Director of NSC, through expanded research, NSC found that just by searching on Google with keywords related to betting and gambling, with the option site:.gov.vn or site:.vn, we will easily see countless pages that have been hacked and have advertising links inserted.
This morning (April 10), when checking again, NCS found that some links in Google's cache still showed the update date and time just a few hours ago.
"The common feature of this form of attack is that hackers will take advantage of vulnerabilities to take control of websites and servers, from there inserting advertising links, even installing malicious code to redirect any content accessed to gambling and betting websites," said Mr. Son.
This form of attack was quite popular in the past, but recently there have been signs of an outbreak and brought many cyber security risks to users. It is especially dangerous if these "official" https links are used to spread fraudulent links, steal information, then users can easily fall into the trap.
Summarizing the supported cases, NCS found that there are common forms of attack as follows:
- Attack servers with old operating systems that have not been patched
- Attack websites that use shared libraries with vulnerabilities
- Attack administrative accounts with weak passwords
- Attack database connection accounts with weak passwords
- Attacking a decentralized server without tight authorization, from a vulnerability of one website can attack other websites on the same server
Through the above incident, Mr. Vu Ngoc Son also recommended that administrators urgently review their entire website system, focusing on reviewing source code pages, paying special attention to newly created files or files with different creation times compared to most other files in the same folder.
"Administrators need to change their administrative passwords and database access passwords if they are using weak passwords. If possible, they can conduct a comprehensive network security assessment for the system and deploy automatic monitoring solutions to detect unusual changes so that they can be handled promptly," Mr. Son emphasized./.
Minh Son (Vietnam+)
Source link
![[Photo] Discover unique experiences at the first World Cultural Festival](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/10/11/1760198064937_le-hoi-van-hoa-4199-3623-jpg.webp)
![[Photo] General Secretary attends the parade to celebrate the 80th anniversary of the founding of the Korean Workers' Party](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/10/11/1760150039564_vna-potal-tong-bi-thu-du-le-duyet-binh-ky-niem-80-nam-thanh-lap-dang-lao-dong-trieu-tien-8331994-jpg.webp)
Comment (0)