Saturday, June 12, 2021

Microsoft links Vietnamese state-backed hackers to a crypto-mining malware campaign

Vietnamese government-backed hackers have recently been seen deploying cryptocurrency-mining malware alongside their regular cyber-espionage toolkits, Microsoft said on Monday.

The report highlights a growing trend in the cyber-security sector, where a growing number of state-backed hacking groups are also dipping their toes into regular cybercrime operations, which makes it more difficult to distinguish financially motivated crime from intelligence-gathering operations.

Tracked by Microsoft as Bismuth, this Vietnamese group has been active since 2012 and is also known under codenames such as APT32 and OceanLotus.

For most of its existence, the group has carried out complex hacking operations, both abroad and within Vietnam, to collect information that helps its government with political, economic, and foreign-policy decisions.

However, in a report released late Monday night, Microsoft says it observed a shift in the group’s tactics over the summer. “In campaigns from July to August 2020, the team deployed Monero coin miners in attacks that targeted both private industry and government associations in France and Vietnam,” Microsoft explained.

It’s unclear why the group made this shift, but Microsoft has two theories.

The first is that the group is using crypto-mining malware, normally associated with cybercrime operations, to disguise some of its attacks from incident responders and fool them into thinking the attacks are low-priority random intrusions.

The second is that the group is experimenting with new ways of generating revenue from systems it infected as part of its regular cyber-espionage operations.

This second theory also fits an overall trend seen in the cyber-security industry, in which, in the past few decades, Chinese, Russian, Iranian, and North Korean state-sponsored hacking groups have also attacked targets for the sole purpose of earning money for private gain, rather than for cyber-espionage.

The reasons for these attacks are simple, and they have to do with impunity.

These groups frequently work under the direct protection of their local governments, either as contractors or intelligence agents, and they operate from within states that do not have extradition treaties with the US, which lets them carry out any attack they want knowing they will face almost no consequences.

With Vietnam also lacking an extradition treaty with the US, Bismuth’s expansion into cybercrime is seen as a given for a country that is expected to be “on the border” of becoming a potential cybercrime hub and a significant cyber-espionage player within the next ten years.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

