Hackers Target Vietnam In Complex Supply Chain Attack

Vietnam appears to have been the target of a complex supply chain attack by unknown hackers utilizing malware. Targets were Vietnamese private companies and government agencies by inserting malware inside an official government software toolkit. This is according to a report from ESET:

ESET researchers uncovered this new supply-chain attack in early December 2020 and notified the compromised organization and the VNCERT. We believe that the website has not been delivering compromised software installers as of the end of August 2020 and ESET telemetry data does not indicate the compromised installers being distributed anywhere else. The Vietnam Government Certification Authority confirmed that they were aware of the attack before our notification and that they notified the users who downloaded the trojanized software.

I find it difficult to believe that the Vietnam Government Certification Authority or VGCA was aware of this seeing as the day that ESET released their report the VGCA admitted to the security breach and published a tutorial on how users could remove the malware from their systems. So read into that what you will. I read it as “or crap we got caught out and we now have to make it look like we were on top of things.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: