VietNamNet Bridge - Many Vietnamese businesses have agreed to pay ransom to get back data stolen by hackers, thus inadvertently lending a hand to cybercrimes.



{keywords}

 

 


The hackers, after penetrating their information systems, encrypted the data and locked the files in the systems. The hackers left a message that they would provide the key to unlock the files if the victims paid a ransom.

In many cases, the victims have decided to compromise, accepting to pay ransom in exchange for their data, because they fear the news about hacking would negatively affect their business.

According to Kaspersky Vietnam, malware was sent mostly from a member of Ransomware - Trojan-Ransom. 

The malware, Win32.Onion, is created by hackers by utilizing Public-key, a reliable solution to protect important data. 

Security firms at times cannot find the codes used by hackers to create the malware, but in many cases, they can track down the hackers because the Ransomware did not leave any information. 

Nguyen Minh Duc, a security expert from FPT, said the Vietnamese information technology group included several large commercial banks in Vietnam.

The new malware, after breaking into the banks’ systems, scanned the entire drive and started the process of encrypting files (.doc, pdf, xls, jpg, zip…).

The workers of the banks received emails under the mode of document file with malicious code. 

However, the malware was not CTB Locker, but downloaded under the mode of “.scr” (Screen Saver) which had the same name with the attached file.

The downloaded file then activated WordPad to display a document file matching the email’s content, making it appear that the file contained a document file.

When users opened the file, 24967891.exe file will run and then create two other files - dvnoijl.job and qechhwi.exe.

Of these, qechhwi.exe was a real CTB Locker, which encoded all the files with suffixes doc, pdf, xls, jpg, and zip in victims’ computers. In the final step, a notice for the required ransom would be displayed.

Vu Ngoc Son from the Bach Khoa Anti-virus Center (BKAV) said the firm has found 1,300 similar cases in Vietnam, while the number is still on the rise. In some cases, the ransom is as high as $3,000-5,000.

Security experts fear that the victims’ behavior of paying ransom for stolen information will make the situation more serious.

According to Ngo Tran Vu, director of Nam Truong Son Security, there are 40 million internet users in Vietnam, but only 10 percent of them use copyrighted Windows and anti-virus software. The other 90 percent use unlocked and free software which often contain malware.

NLD