Security News
A Vietnamese threat actor has been attributed as behind a "Malverposting" campaign on social media platforms to infect over 500,000 devices worldwide over the past three months to deliver variants of information stealers such as S1deload Stealer and SYS01stealer. Malverposting refers to the use of promoted social media posts on services like Facebook and Twitter to mass propagate malicious software and other security threats.
Security vendor WithSecure, which was spun out in March 2022 as F-Secure's enterprise security arm, claims it's found malware that targets Facebook Business accounts. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account and ultimately hijack any Facebook Business account that the victim has sufficient access to."
Facebook on Tuesday revealed it filed two separate legal actions against perpetrators who abused its ad platform to run deceptive advertisements in violation of the company's Terms and Advertising Policies. "In the second case, the defendants are a group of individuals located in Vietnam who got users to self-compromise their Facebook accounts and ran millions of dollars of unauthorized ads."
Facebook this week announced filing two lawsuits - one against an organization and its agents and one against four individuals in Vietnam - over advertising-related schemes. According to Facebook, four individuals residing in Vietnam employed session/cookie theft techniques to compromise the accounts of employees at advertising and marketing agencies, leveraging them to run unauthorized ads.
A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam. According to researchers from Kaspersky, the offensive, which was observed between June 2020 and January 2021, leverages a method called DLL side-loading to execute shellcode that decrypts a final payload dubbed "FoundCore."
China-linked cyber-espionage group Cycldek is showing increasing sophistication in a series of recent attacks targeting government and military entities in Vietnam, according to a report from anti-malware vendor Kaspersky. The more recent attacks, Kaspersky says, show further increase in sophistication.
Human-rights activists are being targeted by cyberattacks as part of a wider effort by the Vietnamese state to censor anyone speaking out against the government, Amnesty International's Security Lab alleges. Ocean Lotus, a well-known threat actor dating back to 2013, is behind the spyware campaign against human-rights defenders and has long been identified as having goals "Aligned with the Vietnamese state interests," according to Amnesty International's report on the situation.
Between February 2018 and November 2020, Vietnam-linked hacking group Ocean Lotus targeted Vietnamese human rights activists in the country and abroad with spyware, a new report from Amnesty International reveals. Also referred to as APT32, APT-C-00, SeaLotus, and Cobalt Kitty, Ocean Lotus is a highly sophisticated group that has been active since at least 2012, mainly focused on media, human rights, and civil society organizations, but also targeting Vietnamese political dissidents, foreign governments and companies.
Kaspersky's security researchers have uncovered a long-running spyware campaign targeting Android users that bears the marks of Vietnam-linked hacking group OceanLotus. Multiple variants of the malware were identified by BlackBerry researchers too, who included information on them in a report published in October 2019.
A Vietnam-linked threat actor tracked as APT32 is believed to have carried out intrusion campaigns against Chinese entities in an effort to collect intelligence on the COVID-19 crisis, FireEye reports. A state-sponsored hacking group also known as OceanLotus and APT-C-00, APT32 is believed to be well-resourced and determined, and was previously observed targeting corporate and government organizations in Southeast Asia.