Bkav has released a warning that more than 139,000 computers in Viet Nam have been infected with new cryptocurrency mining virus named W32.AdCoinMiner. The virus spreads through online advertising service Adf.ly and through software vulnerabilities in order to take control of victim's computer to mine cryptocurrency.
Adf.ly allows shortening links when sharing on social networks or YouTube. However, clicking these shortened links, users will have to see a page of ads before reaching the destination contents. Abusing that, hacker inserts malware into advertisement pages to infect virus onto user's computer. It is difficult for victims to prevent because they still see the contents from shortened links. After the infection, virus will take control of and use victim's computer to mine cryptocurrency.
More dangerously, once taking control of the computer, the virus can download more malware from the hacker's control server to perform the act of spying, stealing personal information or even deleting data.
In addition to Adf.ly, hacker leverages the SMB vulnerability to spread virus on a large scale. The SMB was once exploited by WannaCry, infecting more than 300,000 computers in just a few hours. According to Bkav statistics, more than half of computers in Vietnam are vulnerable to this flaw.
"As Bkav predicted at the end of 2017, virus mining cryptocurrency has exploded since the beginning of 2018. The attractive profit from cryptocurrency is the engine to spread virus of hacker. This situation will continue increasingly in the coming time", said Mr. Vu Ngoc Son, Bkav's vice president of anti-malware.
Bkav experts recommend users update the latest patches for their operating system and permanently install antivirus software with built-in personal firewall on their PCs for automatic protection.
According to statistics from Bkav, in the first three months of 2018, there were 1,095 Vietnamese websites attacked by hackers, of which are 56 important websites of government agencies, educational organizations, etc.