Account-stealing viruses have increased by 40%.

On January 18th, Bkav Technology Group announced the results of its "Cybersecurity Assessment for Individual Users," conducted in December 2023. According to the assessment, the damage caused by computer viruses to Vietnamese users amounted to VND 17.3 trillion (equivalent to USD 716 million). This figure represents a decrease compared to previous years.

According to Bkav, the cybersecurity situation in the country remains marked by many pressing issues, with ransomware attacks continuing to increase, targeting critical servers; computers without internet connections can also be vulnerable to APT (Advanced Persistent Threat) espionage attacks; and online financial fraud shows no signs of slowing down.

Online financial fraud

According to a cybersecurity survey report by Bkav, the percentage of users receiving fraudulent messages and calls continues to increase. While this figure was 69.6% in 2022, it rose to 73% in 2023.

In financial fraud cases, the perpetrators ask users to transfer money through bank accounts.

Mr. Nguyen Van Cuong, Director of Cybersecurity at Bkav, stated: "The reason is the ongoing buying and selling of bank accounts." It's too easy. Many people simply assume that selling unused accounts is harmless. However, in reality, criminals have exploited these bank accounts to conduct illegal transactions, concealing their origins and making it difficult for investigators."

Account-stealing viruses are on the rise.

In 2023, Bkav's virus monitoring and alert system recorded 745,000 computers infected with account-stealing viruses (Facebook, banking), a 40% increase compared to 2022. The most prevalent viruses included RedLineStealer, ArkeiStealer, and Fabookie, all of which were among the top 20 most widespread viruses in Vietnam.

While last year these viruses were still in their "primitive" stages, only stealing account data, passwords, cookies, etc., this year they have been "upgraded". To specifically target Facebook Business accounts, they would query additional information about payment methods, balances, etc.

After successfully exploiting the vulnerability, hackers use the victim's account to secretly run ads instead of immediately taking over the account to generate more profit and improve the SEO ranking of the websites distributing the malware.

APT espionage attacks

In 2023, Bkav detected numerous APT (Advanced Persistent Threat) attacks by hacker groups such as Mustang Panda and APT31, using spyware (PlugX, CobaltStrike, njRAT, etc.) to stealthily steal data files stored on computers without internet access. Research showed that the spyware targeted files with formats such as .doc, .docx, .xls, .xlsx, .ppt, .pptx, and .pdf on computers, then hid them on USB drives, waiting for an opportunity to spread to other computers with internet access. At that point, they would send all the stolen data to the hacker's server.

The number of APT espionage attacks in Vietnam in 2023 increased by 55% compared to 2022, targeting more than 280,000 computers.

The server was attacked.

In 2023, Bkav's virus monitoring and alerting system recorded over 19,000 servers attacked by ransomware from 130,000 malicious IP addresses worldwide , a 35% increase compared to 2022. Typical virus strains involved in these attacks include TOP/DJVU, FARGO, LockBit, etc.

According to experts at Bkav's AntiMalware Research Center: "Attacks to servers are very sophisticated, coming from many different paths, such as server vulnerabilities, service vulnerabilities... Administrators need to regularly back up data, assess the security of services before enabling them to access the internet, and install sufficiently powerful antivirus software for real-time protection."