{"id":7099,"date":"2023-07-25T11:16:29","date_gmt":"2023-07-25T04:16:29","guid":{"rendered":"https:\/\/vacif.com\/?p=7099"},"modified":"2023-07-25T11:16:29","modified_gmt":"2023-07-25T04:16:29","slug":"hieu-ve-ransomware-co-che-va-hoat-dong","status":"publish","type":"post","link":"https:\/\/vacif.com\/en\/hieu-ve-ransomware-co-che-va-hoat-dong\/","title":{"rendered":"UNDERSTANDING RANSOMWARE: MECHANISMS AND OPERATION (P1)"},"content":{"rendered":"\n<p><strong>Overview:<\/strong><\/p>\n\n\n\n<p>Ransomware, one of the most complex and dangerous cyber threats in the digital world, has become increasingly common and causes serious damage to organizations and individuals around the world. Malicious and sophisticated by nature, ransomware has evolved continuously and poses difficulties for even the most tightly secured systems.<\/p>\n\n\n\n<p>In this context, a clear understanding of how ransomware works is essential to protecting yourself against these dangerous attacks. In this article, we will explore how ransomware operates and the mechanisms behind these attacks. 
By mastering this information, we can strengthen our own defenses and respond effectively to this threat.<\/p>\n\n\n\n<p>In this article, we will take a deeper look at how ransomware works and the impact of these attacks, in order to improve understanding and effective prevention against this threat.<\/p>\n\n\n\n<p><strong>Table of contents:<\/strong><\/p>\n\n\n\n<p><strong>I. What is ransomware?<\/strong><\/p>\n\n\n\n<p><strong>II. Some notable recent ransomware attacks<\/strong><\/p>\n\n\n\n<p><strong>III. Some popular ransomware variants<\/strong><\/p>\n\n\n\n<p><strong>IV. How ransomware works<\/strong><\/p>\n\n\n\n<p><strong>Article content:<\/strong><\/p>\n\n\n\n<p><strong>I. 
What is ransomware?<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"710\" height=\"400\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-297.png\" alt=\"\" class=\"wp-image-7100\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-297.png 710w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-297-600x338.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-297-300x169.png 300w\" sizes=\"auto, (max-width: 710px) 100vw, 710px\" \/><\/figure>\n<\/div>\n\n\n<p>Ransomware is a type of malware designed to deny a user or organization access to the files on their computers. By encrypting these files and demanding a ransom payment for the decryption key, attackers put organizations in a difficult position in which paying the ransom becomes the easiest and cheapest way to regain access to important files.<\/p>\n\n\n\n<p>In addition, some ransomware variants have added secondary functionality, such as data theft, to give ransomware victims a further incentive to pay the ransom.<\/p>\n\n\n\n<p>It is no surprise that ransomware has quickly become one of the most prominent and notable types of malware. 
Recent ransomware attacks have severely affected the ability of hospitals to provide critical services, disrupted public services in cities, and caused serious damage to many different organizations.<\/p>\n\n\n\n<p><strong>II. Some notable recent ransomware attacks<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-298.png\" alt=\"\" class=\"wp-image-7101\" width=\"575\" height=\"434\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-298.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-298-300x227.png 300w\" sizes=\"auto, (max-width: 575px) 100vw, 575px\" \/><\/figure>\n<\/div>\n\n\n<p>The modern ransomware era began with the WannaCry outbreak in 2017. This large-scale attack made it clear that ransomware attacks were not only feasible but also potentially profitable. 
Since then, dozens of ransomware variants have been developed and used in many different attacks.<\/p>\n\n\n\n<p>The COVID-19 pandemic also contributed to the recent surge in ransomware. As organizations rapidly shifted to remote work, gaps opened up in their network defenses. Cybercriminals exploited these weaknesses to carry out ransomware attacks, leading to a growing wave of ransomware attacks. In the third quarter of 2020, the number of ransomware attacks increased by 50% compared with the first half of that year.<\/p>\n\n\n\n<p><strong>III. Some popular ransomware variants<\/strong><\/p>\n\n\n\n<p>Dozens of ransomware variants exist today, each with its own distinct characteristics. However, some ransomware groups have been more successful and more widespread than others, making them stand out in the hacker community.<\/p>\n\n\n\n<p><strong>1. 
Ryuk<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-299.png\" alt=\"\" class=\"wp-image-7102\" width=\"742\" height=\"448\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-299.png 860w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-299-600x363.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-299-300x181.png 300w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-299-768x464.png 768w\" sizes=\"auto, (max-width: 742px) 100vw, 742px\" \/><\/figure>\n<\/div>\n\n\n<p>Ryuk is a typical example of a very precisely targeted ransomware variant. It is commonly delivered via spear phishing email or by using compromised user credentials to access enterprise systems over the Remote Desktop Protocol (RDP). Once a system is infected, Ryuk encrypts certain types of files (avoiding those that are critical to the computer's operation) and then presents a ransom demand.<\/p>\n\n\n\n<p>Ryuk is known as one of the most expensive types of ransomware in existence. The ransom that Ryuk demands averages more than 1 million dollars. 
As a result, the cybercriminals behind Ryuk focus mainly on enterprises that have the resources to meet their demands. Large, wealthy organizations are common targets of this group.<\/p>\n\n\n\n<p>Ryuk is known not only for its high ransom demands but also for its sophisticated and cautious style of attack. When attacking, Ryuk ransomware groups typically probe and monitor the target's network environment before carrying out encryption. This helps them identify important files and data while avoiding the encryption of files related to the basic operating systems of the business.<\/p>\n\n\n\n<p>Once the target's computer or network has been infected, Ryuk displays a ransom note demanding a large sum. The high ransom demand also comes with a time limit, usually only a few days. 
If payment is not made within the stated deadline, the amount demanded increases significantly.<\/p>\n\n\n\n<p>Ryuk attack groups have carried out a series of successful attacks against many large organizations, including government agencies, healthcare organizations and multinational companies. They have collected enormous ransoms from these attacks, making Ryuk a dangerous and feared threat in the cybersecurity world. Facing Ryuk requires organizations to implement strong and comprehensive security measures to protect their systems and data against this threat.<\/p>\n\n\n\n<p><strong>2. 
Maze<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-300.png\" alt=\"\" class=\"wp-image-7103\" width=\"761\" height=\"459\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-300.png 860w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-300-600x363.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-300-300x181.png 300w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-300-768x464.png 768w\" sizes=\"auto, (max-width: 761px) 100vw, 761px\" \/><\/figure>\n<\/div>\n\n\n<p>The Maze ransomware became well known as the first ransomware variant to combine file encryption with data theft. When targets began refusing to pay the ransom, Maze started collecting sensitive data from victims' computers before encrypting it. If the ransom demand was not met, the criminal group publicly disclosed this data or sold it to the highest bidder. 
The potential for a costly data breach was used as an additional incentive to push victims to pay the ransom.<\/p>\n\n\n\n<p>However, although the group behind the Maze ransomware has officially ceased its operations, this does not mean that the ransomware threat has diminished. Some members associated with Maze have switched to using the Egregor ransomware, and the Egregor, Maze and Sekhmet variants are believed to share a common origin. It is therefore necessary to keep strengthening security measures and raising awareness of the dangers of ransomware in order to effectively protect the systems and data of every organization and individual.<\/p>\n\n\n\n<p>The fact that the Maze developers ceased operations and continued to use different ransomware variants such as Egregor, Maze and Sekhmet shows that the ransomware threat remains dangerous and keeps evolving. 
Cybercriminals are becoming ever smarter and more sophisticated in how they attack, which requires security professionals to stay vigilant and be ready to respond to newly emerging dangers.<\/p>\n\n\n\n<p>To respond effectively to the ransomware threat, organizations should heighten their vigilance and deploy basic security measures such as: ensuring that systems and software are fully and regularly updated, educating employees about the risks of spear-phishing email and other forms of cyberattack, deploying access control systems, and prioritizing the management of critical data.<\/p>\n\n\n\n<p>In addition, backing up data regularly and storing the backups outside the internal network is also very important, so that systems can be restored quickly in the event of a ransomware incident. 
Furthermore, cybersecurity professionals need to continuously research, track and assess the latest ransomware variants in order to detect and respond promptly to any type of attack that may occur.<\/p>\n\n\n\n<p>By being careful and raising awareness of the ransomware threat, we can create a safer environment and reduce the likelihood of attacks and data loss, while keeping systems and businesses operating normally.<\/p>\n\n\n\n<p><strong>3. REvil&nbsp;(Sodinokibi)<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-302.png\" alt=\"\" class=\"wp-image-7105\" width=\"538\" height=\"490\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-302.png 400w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-302-300x273.png 300w\" sizes=\"auto, (max-width: 538px) 100vw, 538px\" \/><\/figure>\n<\/div>\n\n\n<p>The REvil group (also known as Sodinokibi) is a notable ransomware variant that targets large organizations.<\/p>\n\n\n\n<p>REvil is one of the best-known ransomware families on the net. 
This ransomware, operated by the Russian-speaking REvil group since 2019, has been responsible for many major breaches, notably the &#8216;Kaseya&#8217; and &#8216;JBS&#8217; attacks.<\/p>\n\n\n\n<p>REvil has competed with Ryuk over the past several years for the title of the most expensive ransomware variant. The REvil attackers are known to have demanded ransoms of up to 800,000 dollars for each successful attack.<\/p>\n\n\n\n<p>Although REvil first appeared as a traditional ransomware variant, the group has evolved over time. They have used the Double Extortion technique to steal data from businesses while encrypting their files. This means that, in addition to demanding a ransom to decrypt the data, the attackers can also threaten to release the stolen data if a second payment is not made. 
This technique has given REvil's victims an additional incentive to meet the attackers' ransom demands.<\/p>\n\n\n\n<p>One of REvil's distinguishing features is the way the group conducts targeted attacks. Instead of attacking a mass of random users, the REvil group goes after large organizations that hold important resources and data. This allows them to optimize their ransom demands and increase the chance of collecting large sums from their targets.<\/p>\n\n\n\n<p>Although REvil has caused a great deal of damage and concern in the cybersecurity community, it is worth noting that the group's activities have also generated some controversy. Reports of ransom payments are often associated with funding criminal activity and violating international law. 
However, some businesses have sought to negotiate with the attackers in order to recover important data and prevent the disclosure of sensitive information.<\/p>\n\n\n\n<p>Given the evolution and sophistication of REvil and other ransomware variants, maintaining a safe and secure environment across an organization's networks and systems is becoming ever more urgent. Security professionals need to regularly research and track new forms of attack and develop advanced security measures to counter the increasingly complex threat posed by ransomware and network intrusion groups.<\/p>\n\n\n\n<p><strong>4. 
LockBit<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-303.png\" alt=\"\" class=\"wp-image-7106\" width=\"752\" height=\"423\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-303.png 800w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-303-600x338.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-303-300x169.png 300w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-303-768x432.png 768w\" sizes=\"auto, (max-width: 752px) 100vw, 752px\" \/><\/figure>\n<\/div>\n\n\n<p>LockBit is a form of data-encrypting malware that has been active since September 2019 and has recently become a Ransomware-as-a-Service (RaaS) offering. This ransomware was developed to encrypt the data of large organizations rapidly, so that it is not quickly detected by security appliances and IT\/SOC teams. 
This allows LockBit attacks to be carried out in a sophisticated manner and to inflict heavy losses on the targeted organizations.<\/p>\n\n\n\n<p>LockBit is a form of ransomware that a cybercrime group has been developing since September 2019, and it has recently become a Ransomware-as-a-Service (RaaS) offering. What is notable about LockBit is how it has been optimized to attack large organizations quickly and effectively.<\/p>\n\n\n\n<p>The LockBit developers mainly target large organizations with large volumes of data and complex networks. By focusing on these targets, LockBit can cause major damage and collect higher ransoms from the targeted organizations. It has also been improved to avoid detection by security appliances and system management teams (IT\/SOC). 
LockBit's success comes mainly from its ability to penetrate the target network quickly and encrypt important files, then demand a ransom for decryption.<\/p>\n\n\n\n<p>As a RaaS offering, LockBit provides a platform that other criminal groups can use to carry out targeted ransomware attacks. This increases LockBit's prevalence and reach, making it a significant threat in the modern cybersecurity world. Faced with LockBit and other ransomware variants, organizations must strengthen their security measures and prepare to respond quickly when an attack occurs, in order to protect their data and systems from major losses.<\/p>\n\n\n\n<p><strong>5. 
DearCry<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-304.png\" alt=\"\" class=\"wp-image-7107\" width=\"725\" height=\"460\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-304.png 852w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-304-600x381.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-304-300x190.png 300w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-304-768x488.png 768w\" sizes=\"auto, (max-width: 725px) 100vw, 725px\" \/><\/figure>\n<\/div>\n\n\n<p>In March 2021, Microsoft released security patches to fix vulnerabilities for four servers in the Microsoft Exchange system. Afterwards, however, a new ransomware variant named DearCry appeared, designed specifically to take advantage of these same vulnerabilities in Microsoft Exchange.<\/p>\n\n\n\n<p>The DearCry ransomware is a type of malware capable of encrypting certain types of files on an infected system. Once encryption is complete, DearCry displays a ransom message instructing users to contact the ransomware operators by email to learn how to decrypt their files. 
Applying the security patches from Microsoft is very important for preventing DearCry attacks and protecting Exchange systems from this danger.<\/p>\n\n\n\n<p>Malware such as DearCry is typically distributed through common intrusion vectors such as spear-phishing email or malicious attachments. Once a computer is infected with DearCry, it encrypts important types of files such as images, text documents, videos and other data on the infected system, making them inaccessible.<\/p>\n\n\n\n<p>After encryption is finished, DearCry displays a message asking the user to pay a ransom through anonymous payment methods such as Bitcoin. If the ransom is not paid as demanded, the attacker may threaten to disclose or sell the encrypted data.<\/p>\n\n\n\n<p><strong>6. 
Lapsus$<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"360\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-305.png\" alt=\"\" class=\"wp-image-7108\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-305.png 640w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-305-600x338.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-305-300x169.png 300w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/figure>\n<\/div>\n\n\n<p>Lapsus$ is a ransomware crime group that originated in South America and has been linked to attacks on several high-profile targets. The group is known for extortion, threatening to disclose sensitive information if victims do not meet its demands. It has boasted of successfully breaching well-known companies such as Nvidia, Samsung, Ubisoft and other organizations.<\/p>\n\n\n\n<p>One of the group's notable tactics is using stolen source code to hide malware files inside trusted files. 
This makes detecting and removing the malware harder and helps the group keep carrying out attacks effectively.<\/p>\n\n\n\n<p>Lapsus$ is one of the dangerous and sophisticated ransomware crime groups. To protect systems against its attacks, organizations need to deploy strong security measures and update them regularly to counter the increasingly complex threats from this group and from similar malware.<\/p>\n\n\n\n<p>Lapsus$ has carried out successful attacks on world-leading companies such as Nvidia, Samsung, Ubisoft and many other organizations. A notable trait of the group is its use of stolen source code to hide malware files inside trusted files. 
As a result, the group can persist and operate covertly in the victim's servers and systems, which makes the malware difficult to detect and remove.<\/p>\n\n\n\n<p>The Lapsus$ group also uses the &#8220;Double Extortion&#8221; tactic, also known as the &#8220;dual method&#8221;, to increase pressure on victims. Besides encrypting data, the group threatens to disclose the stolen data if the ransom is not paid. This makes refusing to pay harder, because victims may face the risk of losing data as well as negative consequences for their trust and reputation.<\/p>\n\n\n\n<p><strong>IV. 
How Ransomware Works<\/strong><\/p>\n\n\n\n<p>To succeed, ransomware needs to carry out the following three core stages:<\/p>\n\n\n\n<p><strong>Step 1: Infection and distribution<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-307.png\" alt=\"\" class=\"wp-image-7110\" width=\"611\" height=\"407\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-307.png 630w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-307-600x400.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-307-300x200.png 300w\" sizes=\"auto, (max-width: 611px) 100vw, 611px\" \/><\/figure>\n<\/div>\n\n\n<p>Like other malware, ransomware can get into a target system in many different ways. In practice, however, ransomware operators tend to favor a few specific infection vectors.<\/p>\n\n\n\n<p>Phishing email is one of the most common methods. A malicious email may contain a link to a website hosting a malicious download, or an attachment with downloader functionality. 
If the email recipient is fooled, the ransomware is downloaded and run on their computer.<\/p>\n\n\n\n<p>Another common ransomware infection vector abuses services such as Remote Desktop Protocol (RDP). An attacker can use an employee's stolen or guessed login credentials to authenticate and remotely access a computer inside the corporate network. With that access, the attacker can download the malware and run it on the machine under their control.<\/p>\n\n\n\n<p>Some attacks target systems directly, as WannaCry did by exploiting the EternalBlue vulnerability. 
Most ransomware variants use more than one approach.<\/p>\n\n\n\n<p><strong>Step 2: Data encryption<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"400\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-309.png\" alt=\"\" class=\"wp-image-7112\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-309.png 640w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-309-600x375.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-309-300x188.png 300w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/figure>\n<\/div>\n\n\n<p>Once ransomware has gained access to a system, it proceeds to encrypt files. This is simply a matter of using the encryption functionality built into the operating system: encrypting files with a key controlled by the attacker and replacing the original files with the encrypted versions. Most ransomware variants choose carefully which files to encrypt in order to keep the system stable. 
Some variants also delete backups and shadow copies of files to make recovery without the decryption key harder.<\/p>\n\n\n\n<p><strong>Step 3: Ransom demand. Once file encryption is complete, the ransomware demands a ransom.<\/strong><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"450\" src=\"https:http:\/\/aws.vacif.com\/wp-content\/uploads\/sites\/3\/2023\/07\/image-310.png\" alt=\"\" class=\"wp-image-7113\" srcset=\"https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-310.png 800w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-310-600x338.png 600w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-310-300x169.png 300w, https:\/\/vacif.com\/en\/wp-content\/uploads\/sites\/3\/2023\/07\/image-310-768x432.png 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure>\n<\/div>\n\n\n<p>Different ransomware variants implement this in different ways, but they commonly change the desktop background or leave a text file containing the ransom note in each encrypted directory. Typically, the note demands a specific amount of cryptocurrency in exchange for access to the victim's files. 
If the victim pays the ransom, the ransomware operator provides either a copy of the private key used to protect the symmetric encryption key or a copy of the symmetric encryption key itself. This information can be entered into a decryptor program (also supplied by the cybercriminals) to reverse the encryption and restore access to the user's files.<\/p>\n\n\n\n<p>Although these three core stages are present in all ransomware variants, different ransomware may implement them differently or add extra steps. For example, ransomware variants such as Maze scan files and registry information and steal data before encrypting it. WannaCry ransomware, meanwhile, scans for other vulnerable devices to infect and encrypt.<\/p>\n\n\n\n<p>The prevalence and danger of ransomware have grown sharply in recent years. 
For organizations and individual users, maintaining strong security measures, backing up regularly and applying security patches are effective ways to reduce the risk of a ransomware attack and to guard against the negative consequences it causes.<\/p>\n\n\n\n<p>  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview: Ransomware, one of the most complex and dangerous cyber threats of the digital world, has become increasingly common and has caused serious damage to organizations and individuals around the world. 
With its malicious and [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":7114,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_t
ypo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[18,17],"tags":[170,171,172,173,174,92,175,176,177],"class_list":["post-7099","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-endpoint","category-bao-mat","tag-cach-thuc-hoat-dong-cua-ransomeware","tag-dearcry","tag-lapsus","tag-lockbit","tag-maze","tag-ransomware","tag-ransomware-la-gi","tag-revil-sodinokibi","tag-ryuk","entry","has-media"],"_links":{"self":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/7099","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts"}]
,"about":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/comments?post=7099"}],"version-history":[{"count":0,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/7099\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media\/7114"}],"wp:attachment":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media?parent=7099"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/categories?post=7099"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/tags?post=7099"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}