APT campaign detected targeting computers with no internet connection

BKAV said computers without an internet connection could be targets for hackers. These computers contain important data, and if it is stolen there will be serious consequences.

Authorities and organizations set up computers with important data within the local network and cut off the Internet connections of these computers to avoid risks from cyber attacks. However, this is not enough to protect data.

Ngo Minh Hieu, a security expert, said it’s a mistake to think that only internet-connected computers can be victims of cyberattacks and data theft.

In fact, hackers can steal information from computers without an internet connection by exploiting the principle that all electronic devices emit electromagnetic waves.

In many cases, hackers conduct attack campaigns using malware distributed on USB drives and CDs given out as gifts or in promotional programs to steal information.

BKAV’s Nguyen Tien Dat told VietNamNet on February 21 that ahead of Tet, BKAV’s malware monitoring and warning system had detected a sharp increase in the number of malware samples targeting computers without an internet connection.

The stolen data includes files with the extensions .doc, .docx, .xls, .xlsx, .ppt, .pptx and .pdf.

At present, the number of malware samples targeting computers without an internet connection seems to be decreasing, but they have not completely disappeared.

This isn’t the first time this malware has appeared in Vietnam. PlugX has been used in many other campaigns around the world.

In Vietnam, BKAV’s system first detected the malware at the end of January 2020. Dat said that this dangerous malware uses very sophisticated, hard-to-detect methods.

Meanwhile, propagation via USB drives lets the malware spread quickly inside internal systems.

BKAV’s experts said that the malware steals information from computers without an internet connection by copying data to a folder on the USB drive that imitates the Recycle Bin.

To spread to other computers, the malware creates a fake shortcut containing executable code to trick users into clicking it. When a user inserts the USB drive into a computer without an internet connection and clicks the shortcut, the malware is activated, steals information and copies it onto the USB drive.

When the malware runs on an internet-connected computer, it sends the stolen data to the server. The malware can also receive and execute commands from the server to steal other information, such as computer names and configuration.
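A triage check for removable drives based on the behaviour described above, as an added example that is not from BKAV or the original article: it flags shortcuts in the drive root and documents with the listed extensions stored under a Recycle Bin look-alike folder. The "recycle" name match, the finding labels and the sample file names are assumptions constructed for illustration; the article does not give the real folder or shortcut names.

```python
import os
import tempfile
from pathlib import Path

# File types the article lists as being stolen.
DOC_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".pdf"}

def scan_volume(root):
    """Return sorted (reason, relative_path) findings for a mounted USB volume."""
    root = Path(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        rel_dir = Path(dirpath).relative_to(root)
        # Assumption: the staging folder has "recycle" somewhere in its path.
        in_bin = any("recycle" in part.lower() for part in rel_dir.parts)
        for name in files:
            rel = (rel_dir / name).as_posix()
            ext = Path(name).suffix.lower()
            if ext == ".lnk" and not rel_dir.parts:
                # A shortcut in the drive root is the lure users are tricked into clicking.
                findings.append(("shortcut-in-root", rel))
            elif (in_bin and ext in DOC_EXTS
                  and not name.upper().startswith(("$R", "$I"))):
                # Windows Vista and later rename real Recycle Bin entries to
                # $R.../$I...; a document kept under its original name here
                # looks like staged data.
                findings.append(("document-in-fake-recycle-bin", rel))
    return sorted(findings)

def demo():
    """Build a constructed sample volume in a temp directory and scan it."""
    sample = [
        "Removable Disk.lnk",                     # lure shortcut (constructed)
        "RECYCLER.BIN/files/budget.xlsx",         # staged document (constructed)
        "$RECYCLE.BIN/S-1-5-21-0/$RAB12CD.docx",  # genuine-looking bin entry
        "photos/trip.pdf",                        # ordinary user file
    ]
    with tempfile.TemporaryDirectory() as tmp:
        for rel in sample:
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(b"")
        return scan_volume(tmp)

if __name__ == "__main__":
    for reason, rel in demo():
        print(f"{reason}: {rel}")
```

Findings are leads for an analyst, not verdicts: a legitimate shortcut in a drive root is flagged the same way as a lure.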

