Attack every corner
Security firm Group-IB has announced the discovery of GoldPickaxe, the first version of the trojan (malicious code, malicious software), targeting iOS users in Vietnam and Thailand, with the ability to collect facial data, other identification documents and intercept SMS messages on Apple iPhones. With the appearance of GoldPickaxe, the iPhone, which was considered to have high security, is no longer safe.
Meanwhile, Kaspersky experts discovered the cyberattack campaign on phones while monitoring the unit's Wi-Fi network traffic using the Kaspersky Unified Monitoring and Analysis Platform (KUMA). After further analysis, the researchers discovered that the threat actor targeted the iOS devices of dozens of company employees. Accordingly, the victims received a message via iMessage with a zero-click attachment. Without any interaction from the victim, the message triggered a vulnerability that led to code execution to escalate privileges and give full control over the infected device.
Mr. Nguyen Van Thu, General Director of Cyber Security of BKAV Technology Group, said: Currently, there are many popular forms of attacks via mobile phones such as Malware (malicious software) - infection through fake applications, files downloaded from unknown sources; Phishing (scam) - sending fake messages/emails to steal personal information or accounts; Social Engineering (social engineering attack) - taking advantage of gullibility and lack of knowledge to gain access. Or exploiting operating system and application vulnerabilities: attacking outdated operating systems or applications that are not updated; attacking via wireless connections: using fake Wifi, attacking Bluetooth, NFC...
According to a recent announcement, Kaspersky's security solutions prevented more than 893 million phishing attacks in 2024, 26% more than the nearly 710 million attacks in 2023. A series of online scams aimed at stealing data, money and spreading malware, and cybercriminals often impersonate the website interfaces of famous brands such as Booking, Airbnb, TikTok, Telegram and many other platforms on smartphones.
One thing that few people expect is that the most common threat on mobile devices is adware, which is designed to display ads in the form of pop-ups, accounting for 40.8% of all threats detected by security firms... In parallel, there is eavesdropping software "planted" through many applications. Therefore, cybersecurity experts affirm that mobile phones are more vulnerable to attack than computers because criminals only need to prepare a psychological manipulation scenario to be able to make users install malware on their phones.
Notes for organizations and businesses
Many people do not pay attention to protecting data on mobile phones, due to subjectivity and the belief that mobile phones only serve individuals and do not store important data, while mobile phones store a lot of sensitive information such as: passwords, OTP codes, bank accounts, work data, etc.
Therefore, Mr. Vu Ngoc Son, Head of Technology Department of National Cyber Security Association (NCA), shared: “In the process of strong digital transformation, many internal applications have been shifted to mobile trends, so phones have also become devices participating in the systems of companies and organizations. Phones often store internal accounts, emails and company and organization data... so they also become the target of hacker attacks to turn them into a springboard for attacks on organizational and business systems”.
This is something that personal device users should pay close attention to. Phone protection software is very important, so users can choose commercial software from reputable manufacturers. In addition, there is free software from non-profit organizations such as the National Cyber Security Association, such as nTrust to help scan, detect malware, and support anti-fraud utilities.
Cybersecurity experts also note that cybercriminals often take advantage of personal devices to spread malware, attack internal systems (email, internal apps, VPN), and take advantage of unmanaged devices to bypass corporate security... "Users should not install applications from unknown sources, enable 2-factor authentication (2FA), update operating systems and applications periodically, and not access internal systems from unprotected devices. For system administrators, it is necessary to apply clear personal device security policies, deploy a mobile device management system, install mandatory security software on devices accessing corporate data, and control network access as well as encrypt data," added Mr. Nguyen Van Thu, General Director of Cyber Security of BKAV Technology Group.
Many technological solutions on Resolution 57 Portal
The Ministry of Science and Technology has built and put into operation the Resolution 57 Portal (NQ57), thereby announcing many products, solutions of science and technology, innovation and digital transformation. The NQ57 Portal contributes to realizing the content of Resolution No. 57-NQ/TW dated December 22, 2024 of the Politburo on breakthroughs in science and technology development, innovation and national digital transformation.
As of mid-May 2025, the NQ57 Portal has received 161 product and solution proposals and 14 ideas and initiatives and announced 103 products and solutions from many units and enterprises. In particular, the products and solutions are divided into many fields such as: solutions to promote digital access; digital technology, agriculture , resources and environment; education, health, culture, society, cloud computing; transportation, post and logistics... From there, the Ministry of Science and Technology receives and evaluates potential science and technology, innovation and digital transformation products and solutions with the consultation of the National Advisory Council, in order to select highly applicable initiatives for implementation in practice.
Proposal to expand the scope of sandbox applications
The Center for the Fourth Industrial Revolution in Ho Chi Minh City (HCMC C4IR) has just organized a consultation session to collect opinions from business and association representatives to serve the development of breakthrough policy proposals in the fields of science and technology, innovation and digital transformation.
Many associations and enterprises have pointed out barriers in research and technology application and proposed practical solutions and policies. Many opinions also emphasized the need to implement breakthrough policies in the sandbox field. Mr. Le Truong Duy, Director of HCMC C4IR, informed that HCMC C4IR will continue to accompany enterprises, research institutes, associations and authorities in forming an open, sustainable and highly adaptable innovation ecosystem, contributing to the development of the knowledge economy of HCMC and the whole country.
BINH LAM
Source: https://www.sggp.org.vn/de-phong-tan-cong-mang-qua-smartphone-post796275.html
![[Photo] Top players gather at the 2025 Nhan Dan Newspaper National Table Tennis Championship](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/23/9ad5f6f4faf146b08335e5c446edb107)
Comment (0)