Warning: The GandCrab 5.2 ransomware is impersonating the Ministry of Public Security of Vietnam

15:32, 19/03/2019

Recently, the Vietnam Computer Emergency Response Team (VNCERT) issued Official Dispatch No. 81/VNCERT-DPUC to warn about monitoring and blocking connections to the command and control servers of the GandCrab 5.2 malware.

In Vietnam, GandCrab 5.2 is distributed through spoofed emails claiming to be from the Ministry of Public Security, with the subject "Goi trong Cong an Nhan dan Viet Nam" and an attached file named documents.rar. When users extract and open the file, their data is encrypted, and a ransom demand file is generated, asking for a ransom of USD 400 - 1,000.

To help users prevent this malware, Official Dispatch No. 81/VNCERT-DPUC provides the following measures:

- Monitor and block connections to the command and control servers of the GandCrab ransomware, and update protection systems such as IDS/IPS, Firewall, etc.;

- If detected, promptly isolate the affected area/machine;

- Do not open or click on links or attachments in emails from unknown sources that contain files in formats such as .doc, .pdf, .zip, rar, etc.

More details can be found in Official Dispatch No. 81/VNCERT-DPUC issued on March 15, 2019.

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE

1 lượt xem

- The legal regulations in this article are according to Vietnamese Law;
- This English translation is for reference purposes only and not a definitive translation of the original Vietnamese texts;
- Articles may be compiled from a variety of sources;
- Applicable Terms may have expired at the time you are reading;
- If you have any questions about the copyright of the article, please contact us via email [email protected]