IoT devices such as Wi-Fi routers and IP cameras used by Vietnamese families being targeted by Mirai malware, and 15 million computers being infected by viruses in the last 3 months, are the highlights of cyber security in the 3rd quarter of 2017.

New variant of Mirai malware targeting IoT devices in Vietnam

While analyzing a new variant of the Mirai malware, Bkav discovered that hackers are targeting Vietnam. Mirai is malware that has attacked a series of IoT devices around the world, infecting them by searching for default passwords set by manufacturers. In this new variant, the list of passwords used by the malware includes the default account information of one network operator in Vietnam.

The boom in IoT has made the security of devices such as Wi-Fi routers and IP cameras a hot topic in recent times. Bkav research findings in 2016 also showed that more than 5.6 million routers around the world are vulnerable; in Vietnam the number was 300 thousand, equivalent to 300 thousand networks left open. After successfully hacking and gaining control of IoT devices, hackers can mobilize these devices to form botnets for DDoS attacks, or take full control of users' access to the network and launch MitM and phishing attacks to steal bank accounts, social network accounts, email and so on.

Mr. Ngo Tuan Anh, Vice President of Internet Security of Bkav, said: "In order to avoid the risk of unauthorized access, the user needs to check and change the administrative password of the IoT devices and turn off the feature that allows device access from the Internet if he does not need to use such feature. The service and device providers need to request users to change the default password after installing the devices."

15 million computers infected with viruses in 3rd quarter of 2017, USB the main cause

According to Bkav statistics, the number of computers infected with viruses in Vietnam in the 3rd quarter of 2017 is still very high, up to 15 million. In particular, the main route of infection is via USB, accounting for more than 50%.

Explaining why USB is still the main source of virus infection, a Bkav expert says that USB is a popular means of backing up and exchanging data between computers; however, awareness of safe USB use has not improved much. Also according to Bkav statistics in 2016, up to 83% of USB drives were infected by viruses in the year.

To limit the spread of viruses through USB as well as to protect data, individual users need regular antivirus software to scan USB drives before use, and should restrict the use of USB drives on unfamiliar machines. Enterprises and agencies should have a comprehensive security policy control solution, which controls and assigns the use of USB according to the needs and importance of each machine.

In mid-October, a serious 9-year-old flaw in the kernel of the Linux operating system was discovered. Named Dirty COW, the flaw affects all Linux systems from version 2.6.22. According to Bkav, Vietnam now has 5,058 affected systems, including important services such as FTP servers and web servers.

Dirty COW is cataloged as a privilege escalation vulnerability. By successfully exploiting Dirty COW, a hacker with a user account (limited rights) can escalate to admin on the system. There are two reasons that make the vulnerability the most serious privilege escalation ever. First, it is not hard to develop exploits that work reliably. Second, the flaw is located in a section of the Linux kernel that is part of virtually every distribution of the open-source OS released for almost a decade. Bkav has recorded many sources publishing Dirty COW exploits.

Mr. Bui Tien Dung, Bkav System Security expert, said: "In the actual attacks, Dirty COW can be combined with several common errors such as SQL injection, Buffer Overflow... to take full control of the victim system with the highest authority (root, system ...)".

Bkav provides a testing tool combined with a patch update at the link:

Users and system administrators should download the tool and run the command [python DirtyCOW] to fix the problem as soon as possible. The tool will automatically check whether the system has the vulnerability and patch it (Python must be installed on the system).

Bkav Corporation has just announced an analysis showing that the malware that attacked Vietnam Airlines, the nation's flag carrier, also appeared in many other organizations and businesses.

Although not officially launched in Vietnam or in many other countries, the wildly popular new game Pokémon GO can still be downloaded from unofficial sources on the Internet, where fake apps have appeared, in some cases putting users' smartphones at risk. Taking a deep look into several such apps, Bkav identified malware capable of taking full control of Android devices.

In early March, researchers discovered the deadly DROWN vulnerability in OpenSSL, which affects more than 11 million modern websites and e-mail services protected by the SSLv2 protocol. Bkav took a deep look into Vietnam's situation and learned that hundreds of important websites were affected, putting users' data such as passwords, private information and credit card details at risk of being stolen.
