
Inside the compressed file is a shortcut file that is disguised as a job application but actually contains the LOTUSHARVEST virus, which specializes in collecting saved passwords, login cookies, and browsing history from Chrome, Edge browsers... and then sending them to the hacker's server.
According to Bkav experts, the shortcut file inside “Le Xuan Son CV.zip” is disguised with a PDF/PNG icon, leading the recipient to mistake it for a normal CV file. With just one click, LOTUSHARVEST is activated and begins infiltrating the system.
The worrying point in this attack campaign is the sophistication of LOTUSHARVEST, which is capable of hiding deep in the system and running on its own. LOTUSHARVEST takes advantage of the library loading mechanism to maintain long-term control and to access sensitive accounts and data, beyond the protection of conventional security measures. Stolen data becomes the "key" for hackers to expand their penetration, deploy dangerous tools and, in the next stages, turn businesses into targets of multi-layered attacks or extortion.
Mr. Nguyen Dinh Thuy, a malware analyst at Bkav, said: “All signs show that the Hanoi Thief campaign was meticulously planned, directly targeting Vietnamese businesses. Taking advantage of the recruitment department, which regularly receives applications from outside but is not fully equipped with cybersecurity awareness, hackers use fake files in the form of CVs or documents and can continuously transform into many different variations, making the risk of infection unpredictable.”
Bkav noted that there were Vietnamese businesses that were victims of this attack campaign. Due to the dangerous nature of LOTUSHARVEST and the Hanoi Thief campaign, users need to be extremely vigilant with documents received via email, because just one mistake can open the door for hackers.
Businesses and organizations need to organize periodic training for employees to raise awareness and vigilance against online fraud tricks. Internal monitoring systems need to be strengthened, especially the monitoring of unusual libraries or suspicious files.
The default tools on the operating system meet only basic protection needs and are completely incapable of fighting modern malware and viruses that can hide, persist for a long time and penetrate deeply into the system. Therefore, it is necessary to install an email monitoring system and use licensed anti-virus software to be protected professionally.
Source: https://nhandan.vn/canh-bao-chien-dich-hanoi-thief-tan-cong-mang-doanh-nghiep-viet-nam-post927978.html





