A new virus attack campaign named SPECTRALVIPER has just been discovered targeting computers of a series of large enterprises and users in Vietnam through the SMB vulnerability.
According to Bkav statistics, 1 out of 10 computers has an SMB vulnerability and is at risk of being infected with SPECTRALVIPER.
Through a vulnerability in the SMB protocol on Microsoft Windows, hackers penetrate the system and deploy SPECTRALVIPER as a backdoor to maintain a connection to the infected device. On the victim's computer, they continue malicious actions such as executing malicious code , accessing and stealing data...
Mr. Nguyen Tien Dat, General Director of Bkav's Malware Research Center, said: "The SMB vulnerability was exploited by the WannaCry virus to infect more than 300,000 computers worldwide in a few hours. In 2018, up to 735,000 computers in Vietnam were attacked by the W32.CoinMiner cryptocurrency mining malware by exploiting SMB. Despite being warned many times, up to now, up to 10% of computers in Vietnam still have this vulnerability."
Bkav recommends that users update the patch as soon as possible by going to Windows Update → Check for updates to check for the latest patches. Back up important data immediately. Computers with Bkav Pro installed will automatically block similar exploit scenarios.
For organizations and businesses, it is necessary to deploy additional network security monitoring solutions such as firewalls, SOC (network security monitoring center), to immediately detect abnormalities for timely response and handling. At the same time, contact specialized network security units for support in reviewing the entire system including servers, workstations and cloud systems, to thoroughly isolate malware.
(VTV)
Source link
![[6pm News] Is HMPV virus as dangerous as Covid-19?](https://vstatic.vietnam.vn/vietnam/resource/IMAGE/2025/1/23/4c049f3d06af413fab3d0c6bbba2e3e1)
Comment (0)