Hackers can still take control of the phone without the user having to click on the malware installation link - Photo: QUANG DINH
Many people believe that if they don't click on dangerous links, open suspicious files, or install programs from untrusted sources, they won't have to worry about getting infected with malware (many resources also recommend not clicking on strange links). Unfortunately, this isn't entirely true.
Sophisticated "zero click"
There is actually something called zero-click exploitation, or clicking on messages that doesn't require any action from the target user.
Most recently, we learned about the concept of "zero-click" when high-tech scammers took advantage of message vulnerabilities to take control of devices without the victim having to click on the link sent.
That means that users only need to receive the message and open it to be infected with malware. Of course, this technique is very difficult and complicated, hackers who use it need to invest a lot and research zero-click security holes.
These vulnerabilities are often sold on the black market for prices that can even reach millions of dollars because of their danger and effectiveness in financial fraud attacks.
Leading security companies also regularly publish information about security vulnerabilities (including those suitable for creating zero-click exploits).
This means that after a while, any cybercriminal who follows the news of the security world can use this vulnerability in their malware.
Don't skip patches
Any software developer tries to fix those vulnerabilities as soon as possible, but in reality not everyone installs the security vulnerability fixes updates in time...
So the danger is doubled, meaning that bad guys don't need to be professional hackers to create malicious code based on zero-click vulnerabilities to directly attack a series of users who do not update the patches.
This is extremely dangerous in Vietnam, when many users rarely update patches. Not long ago, Kaspersky security staff discovered an unknown group attacking using a zero-click exploit.
After discovering it, Kaspersky dubbed the espionage campaign Operation Triangulation. Using Apple's iMessage service, the attackers sent a message to the victim's iPhone with a specially crafted attachment containing the vulnerability.
Thanks to a previously unknown vulnerability in iOS, this exploit, which required no user intervention, triggered the execution of malicious code that connected to a remote server and gradually downloaded more malicious code.
It first escalates its privileges using additional exploits and then launches a full-blown APT (targeted attack) platform. To bypass the iPhone's internal security mechanisms, the platform operates only in the device's RAM.
It allows attackers to collect information about the owner and launch additional components downloaded from a remote server. The infection was only detected by Kaspersky's network event monitoring and analysis system.
Of course, Apple quickly patched the vulnerability, but this isn't the first time an iMessage exploit has allowed attackers to infect iPhones with invisible malware.
And attackers are actively researching this service so there is no guarantee that they won't find some alternative method and use it (maybe even for mass attacks) in the near future.
Warning: Mustang Panda APT group is launching cyber attacks in Vietnam
The Mustang Panda APT group is currently using "bait" to intentionally attack corporate and organizational websites - Photo: HAI QUYNH
On June 17, the National Cyber Security Monitoring Center (NCSC), under the Department of Information Security, Ministry of Information and Communications , said it had discovered and recorded information related to a cyber attack campaign targeting Vietnam carried out by an APT (targeted attack) group called Mustang Panda.
Accordingly, this attack campaign of Mustang Panda group uses "bait" revolving around the fieldsof education and tax. Targets are government organizations, non-profit organizations, educational organizations...
In order to ensure information security for information systems in Vietnam, the Department of Information Security recommends that businesses and organizations check and review the information systems they are using that may be affected by the above attack campaign. At the same time, proactively monitor information related to the campaign to prevent and avoid the risk of being attacked.
Enterprises and organizations should strengthen monitoring and prepare response plans when detecting signs of exploitation and cyber attacks; at the same time, regularly monitor warning channels of authorities and large information security organizations to promptly detect cyber attack risks.
How to prevent zero-click attacks
First of all, it is difficult to say, because old prevention concepts are often ineffective, but there are some suggestions:
* Always keep your software up to date, especially your operating system and all browsers installed on it.
* For iPhone users, it is recommended to use lock mode. This mode provides some protection against serious attacks, but is not considered a panacea.
* Provide all corporate devices with a reliable protection solution to ensure security during times when new vulnerabilities are being exploited but corresponding patches have not yet been released.
* Stay updated and follow security news as a method of asset protection.
Source: https://tuoitre.vn/khong-nhan-link-la-cung-bi-chiem-quyen-dien-thoai-20240617232054664.htm
![[Photo] The 9th Congress of the Party Committee of the Office of the President, term 2025-2030](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/6/20/78e7f27e8c4b4edc8859f09572409ad3)
![[Maritime News] Wan Hai Lines invests $150 million to buy 48,000 containers](https://vphoto.vietnam.vn/thumb/402x226/vietnam/resource/IMAGE/2025/6/20/c945a62aff624b4bb5c25e67e9bcc1cb)
Comment (0)