Many new malware targeting smartphone users will appear in 2024

Cybercriminals will attack smartphones and IoT devices

In the network information security warning for the week from November 27 to December 3, the National Cyber ​​Security Monitoring Center - NCSC under the Department of Information Security (Ministry of Information and Communications) warned about a malware code named "FjordPhantom" on the Android platform that appeared since early September 2023 in cyber attack campaigns targeting users in Southeast Asia such as Indonesia, Thailand and Vietnam.

The "FjordPhantom" malware is distributed through applications and messaging services using a combination of application malware and "social engineering" techniques to scam users. Specifically, users will be approached by the subject via email, SMS and messaging applications and then tricked into downloading fake banking applications. The subject will then use "social engineering" techniques similar to a phone-based attack - this is a technique that makes users call fake call centers to get instructions on how to execute the downloaded banking application.

Also during the week from November 27 to December 3, information about groups of people tricking people into downloading and installing applications containing malware impersonating the VNeID app to steal information and assets was one of the prominent warnings in the "Weekly News" conducted by the Information Security Department.

Previously, in July 2023, a representative of the Department of Information Security (Ministry of Information and Communications) informed about a campaign to trick people into installing fake apps of the Government and the General Department of Taxation. These fake apps contain malicious code that allows the subjects to remotely control and execute money transfer orders on the victim's phone.

The above warning information partly shows that users are still the weak link in the information security chain. Statistics from NCS experts have shown that, in the top 3 weaknesses of systems in Vietnam that were exploited the most in 2023, human weaknesses accounted for the highest percentage, nearly 33% of attacks.

Making a forecast for cybersecurity in 2024, NCS experts said that cyber attacks, APT attacks on critical systems, and data encryption attacks will continue to occur.

In particular, experts say that the strong digital transformation has made smartphones extremely important in the lives and work of many people; however, smartphones have also become attractive 'prey' for cybercriminal groups.

“In 2024, mobile users will face more new types of malware that can penetrate, exploit vulnerabilities, and take control of phones, including phones running Android and iOS operating systems.”, NCS expert predicts.

Also next year, there will be large-scale attacks targeting IoT devices in Vietnam, especially devices capable of collecting information and images such as security cameras and public advertising screens.

Hackers increasingly use AI to write attack and fraud scenarios

One notable point is that experts all agree that cybercriminals are increasingly using AI technology to support cyber attacks, and this trend will continue to flourish in 2024.

According to Mr. Le Quang Ha, Deputy Director of Viettel Cyber ​​Security Company, with the explosion of AI generation and the popular application of ChatGPT, cyber attacks have clearly changed. This expert analyzed that in the past, if the phishing emails sent to users were not targeted attacks, the content in the email was quite silly; now, with the use of AI, the amount of phishing emails automatically sent to users is "tailored", designed with reasonable words, making it easier for users to be lured into phishing traps.

Sharing the same view, expert Vu Ngoc Son, Technical Director of NCS Company, emphasized that artificial intelligence technology has made miraculous developments in 2023 and will continue to explode in application in 2024. This will lead to tools serving bad purposes such as fraud and cyber attacks.

“Generative AI like ChatGPT and Deepfake will be used to self-generate fraudulent scripts to steal money from victims. Malware and exploit tools will be equipped with artificial intelligence to increase the ability to exploit vulnerabilities as well as help bypass cybersecurity solutions.”, Mr. Vu Ngoc Son analyzed.

Mr. Nguyen Gia Duc, Country Director of Fortinet Vietnam, also said that the 2024 cybersecurity threat forecast report by the FortiGuard research group emphasized the risk of escalation of advanced cyber threats due to the popularity of cybercrime services and the impact of artificial intelligence.

“With threat actors now equipped with advanced tools, using more sophisticated techniques and knowing how to diversify their targets, the cybersecurity community needs to agree on how to respond.”, Mr. Nguyen Gia Duc made recommendations.