Microsoft how Vietnamese hackers used crypto-mining software

Spread the love

Microsoft logoSource: Daniel Rubino/Windows Central

Microsoft on Monday highlighted a growing trend of state-sponsored hackers disguising themselves as financially motivated hackers rather than being motivated by espionage. The company illustrated this by sharing from the Vietnamese group BISMUTH (via ZDNet). A group known as BISMUTH recently tried a new tactic that centered around crypto mining, which is different than their normal method of attack.

The Microsoft Defender team explained on Monday:

While this actor’s operational goals remained the same—establish continuous monitoring and espionage, exfiltrating useful information as is it surfaced—their deployment of coin miners in their recent campaigns provided another way for the attackers to monetize compromised networks. Considering some of the group’s traditional targets are human and civil rights organizations, BISMUTH attacks demonstrate how attackers give little regard to services they impact.

In other words, Microsoft says that while BISMUTH remains primarily an espionage outfit, it won’t turn down any money it receives from crypto ransom. It also helps if targets — once they locate BISMUTH-planted malware — write it off as “less alarming” and “commodity” intrusions.

Cyber Monday may be over but these Cyber Week deals are still alive

Microsoft’s security team does have a few takeaways from this little story that users in all walks of life could take heed of. The company reminded users to be careful about what they share on social media, as it could lead to vulnerability to spearphishing attacks. Microsoft also encourages users to make use of Office 365’s spam filtering settings so that emails with malware and spam are blocked.

In the incident that a user is hacked, the company notes that users should be using multi-factor authentication combined with strong passwords. Once again, there are a lot of tips in the post that remain relevant even if you’re not an espionage target from the world governments.

The biggest takeaway here remains that a secure network is as strong as its weakest link. As BISMUTH illustrates, protecting against highly sophisticated attacks alone is inefficient.

We may earn a commission for purchases using our links. Learn more.

Leave a Reply