The Covid-19 situation has accelerated digital transformation processes and formalized teleworking, resulting in an increase in cyberthreats to levels never seen before and never predicted. Let\u2019s remember that Malware is a combination of two words \u2013 \u201cmalicious\u201d and \u201csoftware\u201d. This term refers to any type of malicious code, regardless of how it affects victims, behaves, or causes damage. Malware encompasses all forms of malicious software, including Trojan Horses, Ransomware, Viruses, Worms, and Banking Malware. It is difficult for a normal user to tell which files are malware and which are not. That is why security solutions exist, such as vast databases of previously seen malicious samples and the use of multiple protection technologies to detect the most recent ones.<\/p>\n\n\n\n
Malware authors today are extremely inventive. To avoid detection, their \u201ccreations\u201d spread through vulnerabilities in unpatched systems, bypass security measures, hide in memory, or mimic legitimate applications. Even today, however, one of the most potent vectors of infection is the weakest link in the chain: humans. Emails with malicious attachments have proven to be an effective and low-cost way to compromise a system. And it only takes one click to do so.<\/p>\n\n\n\n
B\u01b0\u1edbc \u0111\u1ea7u ti\u00ean l\u00e0 gi\u1eef cho t\u1ea5t c\u1ea3 ph\u1ea7n m\u1ec1m, bao g\u1ed3m h\u1ec7 \u0111i\u1ec1u h\u00e0nh v\u00e0 t\u1ea5t c\u1ea3 \u1ee9ng d\u1ee5ng, lu\u00f4n \u0111\u01b0\u1ee3c c\u1eadp nh\u1eadt. Kh\u00f4ng ch\u1ec9 \u0111\u1ec3 th\u00eam t\u00ednh n\u0103ng v\u00e0 c\u1ea3i ti\u1ebfn, m\u00e0 c\u00f2n \u0111\u1ec3 s\u1eeda l\u1ed7i v\u00e0 gi\u1ea3i quy\u1ebft c\u00e1c l\u1ed7 h\u1ed5ng m\u00e0 t\u1ed9i ph\u1ea1m m\u1ea1ng v\u00e0 m\u00e3 \u0111\u1ed9c c\u00f3 th\u1ec3 khai th\u00e1c. Tuy nhi\u00ean, \u0111i\u1ec1u n\u00e0y kh\u00f4ng bao g\u1ed3m t\u1ea5t c\u1ea3 c\u00e1c m\u1ed1i \u0111e d\u1ecda hi\u1ec7n t\u1ea1i. H\u01a1n n\u1eefa, m\u1ed9t gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt \u0111\u00e1ng tin c\u1eady v\u00e0 c\u1eadp nh\u1eadt l\u00e0 c\u1ea7n thi\u1ebft \u0111\u1ec3 ng\u0103n ch\u1eb7n c\u00e1c n\u1ed7 l\u1ef1c t\u1ea5n c\u00f4ng ti\u1ec1m n\u0103ng. Sao l\u01b0u \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n th\u01b0\u1eddng xuy\u00ean v\u00e0 l\u01b0u tr\u1eef tr\u00ean \u1ed5 c\u1ee9ng ngo\u1ea1i tuy\u1ebfn l\u00e0 m\u1ed9t c\u00e1ch kh\u00e1c \u0111\u1ec3 ch\u1ed1ng l\u1ea1i ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i, cho ph\u00e9p ng\u01b0\u1eddi d\u00f9ng d\u1ec5 d\u00e0ng thay th\u1ebf b\u1ea5t k\u1ef3 d\u1eef li\u1ec7u n\u00e0o \u0111\u00e3 b\u1ecb h\u1ecfng ho\u1eb7c m\u00e3 h\u00f3a b\u1edfi k\u1ebb t\u1ea5n c\u00f4ng m\u1ea1ng.<\/p>\n\n\n\n
H\u00e3y c\u00f9ng nh\u1edb l\u1ea1i v\u00e0 ghi nh\u1edb m\u1ed9t ch\u00fat l\u1ecbch s\u1eed. B\u1ed9 n\u00e3o Pakistan<\/a> was the first virus to be identified in early 1986. Its goal was to be as inconspicuous as possible. It infected the boot system of 5.25\u2033 floppy disks and spread globally in a matter of weeks, which is remarkable given that it was only distributed via 5.25\u2033 floppy disks. Since then, malware has evolved in a variety of ways, and its creators are constantly coming up with new ways to infect victims. They have a powerful distribution network with the Internet, which allows them to affect potential victims much more easily. This will always be the fundamental logic of a hacker, and it is up to us to practice intelligence and counterintelligence to counteract them. Some malware families, such as WannaCryptor, spread indiscriminately by encrypting files and causing global damage. Others affect smaller groups of victims, such as companies from a specific country in the case of Diskcoder. Petya aka C. Industroyer was a recent example of targeted malware. This malware, discovered by ESET, attacks industrial control systems used in the power grid and has caused blackouts in Ukraine by abusing legitimate but unsecured protocols. It is one of the few malware families that can be compared to Stuxnet, the first cyber weapon ever used.<\/p>\n\n\n\n Since the pandemic was declared, cyberattacks have increased, such as those against the Remote Desktop Protocol (RDP) and Ransomware. The world will have one billion malicious codes by 2022. However, cyberthreats have not only increased in number, but they have also become more sophisticated. For example, today we discuss \u201cFileless Malware,\u201d which does not require the user to enter any files into the system in order to run the Malware: it can be stored in the system\u2019s volatile memory. That is why monitoring and prevention technologies are critical.<\/p>\n\n\n\n 1) Torrent \u0111\u1ed9c h\u1ea1i<\/strong>: t\u1eeb gia \u0111\u00ecnh ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i Kryptocibule ch\u01b0a \u0111\u01b0\u1ee3c bi\u1ebft \u0111\u1ebfn tr\u01b0\u1edbc \u0111\u00e2y. N\u00f3 \u0111\u00e1nh c\u1eafp ti\u1ec1n \u0111i\u1ec7n t\u1eed v\u00e0 tr\u00edch xu\u1ea5t c\u00e1c t\u1ec7p li\u00ean quan \u0111\u1ebfn ti\u1ec1n \u0111i\u1ec7n t\u1eed b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng cryptominers v\u00e0 chi\u1ebfm \u0111o\u1ea1t clipboard.<\/p>\n\n\n\n 2) M\u1ed1i \u0111e d\u1ecda Android<\/strong>: Malware in the \u2018Hidden Apps\u2019 category has dominated for three consecutive quarters in 2022. This cyberthreat consists of deceptive apps that masquerade as games or utility apps, but after installation, they hide their icons and display full-screen ads.<\/p>\n\n\n\n 3) M\u1ed1i \u0111e d\u1ecda m\u1ea1ng IoT<\/strong>: V\u00ec c\u00e1c thi\u1ebft b\u1ecb IoT \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf v\u1edbi r\u1ea5t \u00edt ho\u1eb7c kh\u00f4ng c\u00f3 b\u1ea3o m\u1eadt, ch\u00fang l\u00e0 m\u1ee5c ti\u00eau d\u1ec5 d\u00e0ng cho k\u1ebb t\u1ea5n c\u00f4ng m\u1ea1ng. K\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 l\u00e2y nhi\u1ec5m c\u00e1c thi\u1ebft b\u1ecb n\u00e0y b\u1eb1ng bot \u0111\u1ed9c h\u1ea1i v\u00e0 s\u1eed d\u1ee5ng ch\u00fang trong m\u1ea1ng botnet cho c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng quy m\u00f4 l\u1edbn.<\/p>\n\n\n\n 4) Ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i cho Mac<\/strong>: N\u0103m 2021, \u1ee9ng d\u1ee5ng giao d\u1ecbch Kattana cho m\u00e1y t\u00ednh Mac \u0111\u00e3 b\u1ecb sao ch\u00e9p v\u00e0 trojan h\u00f3a. K\u1ebb t\u1ea5n c\u00f4ng \u0111\u00e3 s\u1eed d\u1ee5ng ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i \u0111\u1ec3 \u0111\u00e1nh c\u1eafp th\u00f4ng tin nh\u01b0 cookie tr\u00ecnh duy\u1ec7t, v\u00ed ti\u1ec1n \u0111i\u1ec7n t\u1eed v\u00e0 \u1ea3nh ch\u1ee5p m\u00e0n h\u00ecnh; \u0111\u1ebfn n\u0103m 2022, lo\u1ea1i m\u1ed1i \u0111e d\u1ecda m\u1ea1ng n\u00e0y \u0111\u00e3 b\u1ecb lo\u1ea1i b\u1ecf ho\u00e0n to\u00e0n.<\/p>\n\n\n\n 5) Email \u0111\u1ed9c h\u1ea1i<\/strong>: Vi\u1ec7c ph\u00e2n ph\u1ed1i ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i qua email s\u1ebd t\u0103ng v\u00e0o n\u0103m 2022. M\u1ed9t khai th\u00e1c Microsoft Office l\u00e0 ph\u00e1t hi\u1ec7n ph\u1ed5 bi\u1ebfn nh\u1ea5t v\u00e0o n\u0103m 2022.<\/p>\n\n\n\n Ransomware l\u00e0 m\u1ed9t m\u1ed1i \u0111e d\u1ecda m\u1ea1ng dai d\u1eb3ng \u0111\u00e3 li\u00ean t\u1ee5c t\u1ea5n c\u00f4ng c\u00e1c t\u1ed5 ch\u1ee9c, l\u00e0m t\u1ed5n h\u1ea1i c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng quan tr\u1ecdng nh\u01b0 ch\u00ednh ph\u1ee7, y t\u1ebf v\u00e0 c\u00e1c t\u1ed5 ch\u1ee9c n\u0103ng l\u01b0\u1ee3ng, v\u00e0 ng\u00e0y c\u00e0ng tr\u1edf n\u00ean ph\u1ee9c t\u1ea1p. Vi\u1ec7c ph\u00e1t hi\u1ec7n v\u00e0 lo\u1ea1i b\u1ecf n\u00f3. N\u0103m 2020, ransomware v\u00e0 r\u00f2 r\u1ec9 d\u1eef li\u1ec7u \u0111\u00e3 \u0111\u01b0\u1ee3c h\u1ee3p nh\u1ea5t. Trong b\u00e0i vi\u1ebft n\u00e0y<\/a>, \u00f4ng ch\u1ec9 ra r\u1eb1ng c\u00e1c nh\u00e0 \u0111i\u1ec1u h\u00e0nh c\u1ee7a c\u00e1c gia \u0111\u00ecnh Ransomware kh\u00e1c nhau \u0111\u00e3 th\u00eam m\u1ed9t r\u1ee7i ro kh\u00e1c v\u00e0o lo\u1ea1i t\u1ea5n c\u00f4ng n\u00e0y, v\u00ec ngo\u00e0i vi\u1ec7c chi\u1ebfm \u0111o\u1ea1t t\u1ec7p, h\u1ecd c\u00f2n th\u1ef1c h\u00e0nh t\u1ed1ng ti\u1ec1n, v\u1edbi m\u1ed1i \u0111e d\u1ecda m\u1ea1ng v\u1ec1 vi\u1ec7c r\u00f2 r\u1ec9 th\u00f4ng tin b\u1ecb x\u00e2m ph\u1ea1m. Ph\u01b0\u01a1ng th\u1ee9c n\u00e0y s\u1eed d\u1ee5ng k\u1ef9 thu\u1eadt Doxing, bao g\u1ed3m vi\u1ec7c l\u1ea5y d\u1eef li\u1ec7u b\u00ed m\u1eadt t\u1eeb n\u1ea1n nh\u00e2n v\u00e0 \u0111e d\u1ecda c\u00f4ng khai tr\u1eeb khi ti\u1ec1n t\u1ed1ng ti\u1ec1n \u0111\u01b0\u1ee3c tr\u1ea3. Kh\u00f4ng nghi ng\u1edd g\u00ec, \u0111i\u1ec1u n\u00e0y l\u00e0m t\u0103ng \u00e1p l\u1ef1c l\u00ean nh\u1eefng ng\u01b0\u1eddi b\u1ecb \u1ea3nh h\u01b0\u1edfng, v\u00ec kh\u00f4ng ch\u1ec9 l\u00e0 vi\u1ec7c kh\u00f4i ph\u1ee5c th\u00f4ng tin b\u1ecb m\u00e3 h\u00f3a, m\u00e0 c\u00f2n l\u00e0 vi\u1ec7c ng\u0103n ch\u1eb7n d\u1eef li\u1ec7u b\u1ecb \u0111\u00e1nh c\u1eafp tr\u1edf th\u00e0nh c\u00f4ng khai.<\/p>\n\n\n\n Trojan ng\u00e2n h\u00e0ng<\/a>, also known as \u201cBankers,\u201d are malicious code that is widely used in the field of cybercrime. Their function is to steal banking information from users of this type of service. These details are available on the black market. Some people acquire them in order to engage in criminal activities such as extortion and fraud. Around the world, eleven banking Trojan families have been identified.<\/p>\n\n\n\n C\u00e1c gia \u0111\u00ecnh n\u00e0y s\u1eed d\u1ee5ng c\u00f4ng c\u1ee5 m\u00e3 h\u00f3a v\u00e0 l\u00e0m m\u1edd \u0111\u1ec3 b\u1ea3o v\u1ec7 m\u00e3 kh\u1ecfi ph\u00e2n t\u00edch v\u00e0 do \u0111\u00f3 b\u1ea3o v\u1ec7 ho\u1ea1t \u0111\u1ed9ng \u0111\u1ed9c h\u1ea1i m\u00e0 ch\u00fang th\u1ef1c hi\u1ec7n trong h\u1ec7 th\u1ed1ng. \u0110\u1ec3 tr\u00e1nh b\u1ecb ph\u00e1t hi\u1ec7n, ch\u00fang bao g\u1ed3m c\u00e1c h\u01b0\u1edbng d\u1eabn trong l\u1eadp tr\u00ecnh c\u1ee7a m\u00ecnh m\u00e0 kh\u00f4ng c\u00f3 h\u00e0nh \u0111\u1ed9ng c\u1ee5 th\u1ec3; ch\u00fang \u0111\u01b0\u1ee3c \u0111i\u1ec1n \u0111\u1ea7y, ch\u00fang l\u00e0 m\u00e3 r\u00e1c. Cho \u0111\u1ebfn nay, h\u01a1n 50 t\u1ed5 ch\u1ee9c t\u00e0i ch\u00ednh \u0111\u00e3 \u0111\u01b0\u1ee3c x\u00e1c \u0111\u1ecbnh l\u00e0 n\u1ea1n nh\u00e2n c\u1ee7a h\u00e0nh vi tr\u1ed9m c\u1eafp danh t\u00ednh \u0111\u1ec3 l\u1eeba d\u1ed1i kh\u00e1ch h\u00e0ng c\u1ee7a h\u1ecd.<\/p>\n\n\n\n Trong ba n\u0103m qua, c\u00e1c m\u1ed1i \u0111e d\u1ecda m\u1ea1ng ph\u1ed5 bi\u1ebfn nh\u1ea5t l\u00e0:<\/strong><\/p>\n\n\n\n 1) Ph\u1ea7n m\u1ec1m t\u1ed1ng ti\u1ec1n<\/strong>: c\u00e1c nh\u00e0 ph\u00e1t tri\u1ec3n c\u1ee7a n\u00f3 h\u00ecnh th\u00e0nh c\u00e1c nh\u00f3m t\u1ed5 ch\u1ee9c v\u00e0 b\u00e1n \u0111\u1ea5u gi\u00e1 d\u1eef li\u1ec7u b\u1ecb \u0111\u00e1nh c\u1eafp t\u1eeb n\u1ea1n nh\u00e2n c\u1ee7a h\u1ecd tr\u00ean Dark Web. \u0110\u00e3 c\u00f3 203 bi\u1ebfn th\u1ec3 Ransomware kh\u00e1c nhau \u0111\u01b0\u1ee3c x\u00e1c \u0111\u1ecbnh.<\/p>\n\n\n\n 2) Khai th\u00e1c<\/strong>: m\u00e3 \u0111\u1ed9c c\u1ed1 g\u1eafng truy c\u1eadp v\u00e0o thi\u1ebft b\u1ecb b\u1eb1ng c\u00e1ch khai th\u00e1c m\u1ed9t l\u1ed7 h\u1ed5ng trong h\u1ec7 th\u1ed1ng. EternalBlue<\/a> (m\u00e0 virus WannaCry thu\u1ed9c v\u1ec1) v\u00e0 BlueKeep l\u00e0 hai gia \u0111\u00ecnh ph\u1ed5 bi\u1ebfn h\u01a1n (l\u1ed7 h\u1ed5ng m\u00e1y t\u00ednh t\u1eeb xa, \u0111i\u1ec1u g\u00ec \u0111\u00f3 tr\u1edf n\u00ean quan tr\u1ecdng v\u00e0o n\u0103m 2022 do xu h\u01b0\u1edbng l\u00e0m vi\u1ec7c t\u1eeb xa).<\/p>\n\n\n\n
Ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i thu\u1ed9c c\u00e1c lo\u1ea1i sau \u0111\u00e3 \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n v\u00e0o n\u0103m 2021 v\u00e0 2022:<\/strong><\/p>\n\n\n\n