Large-scale cyberattacks targeting small businesses, organizations and government agencies are becoming increasingly sophisticated around the world.
Security software company Kaspersky has tracked and detected more than 10,000 cyberattacks against organizations and businesses in different regions, all part of a financially motivated campaign that uses several types of malware.
Kaspersky researchers discovered that attackers are not only using backdoors, keyloggers, and exploits, but also leveraging new malicious task scripts that disable security features and make it easier to download malware.
The attack campaign was carried out by hackers between May and October 2023. According to Kaspersky data, the organizations targeted were mainly government agencies, businesses and commercial organizations in Russia, Saudi Arabia, Vietnam, Brazil and Romania. Similar incidents were also detected in the US, India, Morocco and Greece.
Hackers exploited vulnerabilities on servers and workstations to gain access to systems. They then launched malicious scripts that bypassed Microsoft Defender firewalls, added permissions, and disabled antivirus software. If this succeeded, the hackers downloaded backdoors, keyloggers, and generators from inaccessible websites.
Through the generator, the hackers exploit the resources of compromised systems to mine various cryptocurrencies, such as Monero (XMR). Meanwhile, the keylogger records what the user presses on the keyboard and mouse, and the backdoor establishes a connection with the command and control (C2) server to receive and transmit data. This allows the hackers to control the compromised system remotely.
Kaspersky experts note that this attack campaign is dangerous because the hackers are using a combination of different malware at the same time and are constantly developing new versions of their cyberattack tools.
It is clear that hackers are trying to profit by any means possible. In addition to mining cryptocurrency, they can steal user credentials and sell them on the Darknet, or carry out more serious attacks by exploiting the backdoors that have been created.
According to Vietnamnet