Friday, September 24, 2021

Microsoft links Vietnamese state hackers to a crypto-mining malware campaign

Vietnamese government-backed hackers have recently been seen deploying cryptocurrency-mining malware alongside their regular cyber-espionage toolkits, Microsoft said on Monday.

The report highlights a growing trend in the cyber-security sector, where an increasing number of state-backed hacking teams are also dipping their toes into regular cybercrime operations, which makes it harder to distinguish financially motivated crime from intelligence-gathering operations.

Tracked by Microsoft as Bismuth, this Vietnamese group has been active since 2012 and is also known under codenames such as APT32 and OceanLotus.

For most of its lifetime, the group has carried out complex hacking operations, both abroad and within Vietnam, to collect information that helps its government deal with political, economic, and foreign policy decisions.

However, in a report released late Monday night, Microsoft says it observed a shift in the group’s tactics over the summer. “In campaigns from July to August 2020, the team deployed Monero coin miners in attacks that targeted both private industry and government associations in France and Vietnam,” Microsoft explained.

It’s unclear why the group made this shift, but Microsoft has two theories.

The first is that the group is using the crypto-mining malware, normally associated with cybercrime operations, to disguise some of its attacks from incident responders and trick them into believing the attacks are low-priority random intrusions.

The second is that the group is experimenting with new ways of generating revenue from systems it infected as part of its regular cyber-espionage-focused operations.

This last theory also fits an overall trend seen in the cyber-security industry, in which, in the past few decades, Chinese, Russian, Iranian, and North Korean state-sponsored hacking groups have also attacked targets for the sole purpose of making money for personal gain, rather than for cyber-espionage.

The reasons for these attacks are simple, and they have to do with impunity.

These groups often work under the direct protection of their local governments, either as contractors or intelligence agents, and they operate from within countries that do not have extradition treaties with the US, letting them carry out any attack they want, knowing they will face almost no consequences.

With Vietnam also lacking an extradition treaty with the US, Bismuth’s expansion into cybercrime is considered a given for a country that is expected to be “on the border” of becoming a potential cybercrime hub and a significant cyber-espionage player within the next ten years.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.
