Hackers have been using malicious IP addresses/domains as command and control servers to launch their attacks. — Image courtesy of Appota

HÀ NỘI — A total of 85 cases of cyber attacks on Việt Nam’s websites and information portals were reported in the past week, according to the Authority of Information Security (under the Ministry of Information and Communications).

Seventy four were phishing attacks and eleven were malware installations.

According to the information security authority, attackers have been using malicious IP addresses/domains as command and control (C&C) servers within a botnet, which is a network of private computers infected with malicious software and controlled as a group without the owners' knowledge.

Through the C&C servers, the attackers can launch distributed denial-of-service (DDoS) attacks, spreading malware and spam and accessing and stealing data.

The Authority of Information Security has identified 20 IP addresses/domains belonging to botnets that are affecting Vietnamese internet users.

They are differentia.ru; restless.su; disorderstatus.ru; andall.servicesql.info; atomictrivia.ru; griefcube.cc; amnsreiuojy.ru; uyhgqunqkxnx.pw; hzmksreiuojy.ru; xiaoe.com; xjpakmdcfuqe.biz; vqelhmqyuphr.info; restlesz.su; rikip.com; xjpakmdcfuqe.com; mildwave.com; xjpakmdcfuqe.in; maxisurf.net; xjpakmdcfuqe.ru; ljjskttqximu.in.

Therefore, the department recommends reviewing and opening service portals that could be exploited for cyber attacks, with regular server inspection to promptly detect and handle possible risks.

For IP addresses/domains with multiple connections, it is necessary to inspect and review all devices in the network system if there are signs of links to malicious domains. — VNS