{"id":45764,"date":"2025-04-15T09:10:55","date_gmt":"2025-04-15T02:10:55","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=45764"},"modified":"2025-04-21T09:12:57","modified_gmt":"2025-04-21T02:12:57","slug":"svg-cong-cu-lua-dao-moi-cua-tin-tac-trong-cac-cuoc-tan-cong-mang","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/svg-cong-cu-lua-dao-moi-cua-tin-tac-trong-cac-cuoc-tan-cong-mang\/","title":{"rendered":"SVG – C\u00f4ng c\u1ee5 l\u1eeba \u0111\u1ea3o m\u1edbi c\u1ee7a tin t\u1eb7c trong c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ea1ng"},"content":{"rendered":"

Trong th\u1eddi \u0111\u1ea1i s\u1ed1, k\u1ebb x\u1ea5u kh\u00f4ng c\u00f2n ch\u1ec9 g\u1eedi virus hay \u0111\u01b0\u1eddng link \u0111\u1ed9c h\u1ea1i, m\u00e0 m\u1ed9t t\u1ea5m h\u00ecnh t\u01b0\u1edfng ch\u1eebng v\u00f4 h\u1ea1i c\u0169ng c\u00f3 th\u1ec3 l\u00e0 c\u00e1i b\u1eaby. Nh\u1eefng t\u1ec7p h\u00ecnh \u1ea3nh nh\u1eb9, t\u01b0\u1edfng ch\u1eebng v\u00f4 h\u1ea1i n\u00e0y \u0111ang tr\u1edf th\u00e0nh c\u00f4ng c\u1ee5 \u01b0a th\u00edch c\u1ee7a t\u1ed9i ph\u1ea1m m\u1ea1ng \u0111\u1ec3 \u0111\u00e1nh c\u1eafp th\u00f4ng tin \u0111\u0103ng nh\u1eadp, ph\u00e1t t\u00e1n ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i v\u00e0 th\u1eadm ch\u00ed v\u01b0\u1ee3t qua c\u1ea3 c\u00e1c h\u1ec7 th\u1ed1ng x\u00e1c th\u1ef1c \u0111a y\u1ebfu t\u1ed1.<\/b>
\n\"1744614104657.png\"<\/p>\n

M\u1ed9t lo\u1ea1i h\u00ecnh t\u1ea5n c\u00f4ng l\u1eeba \u0111\u1ea3o (phishing) m\u1edbi \u0111ang l\u1ee3i d\u1ee5ng ch\u00ednh nh\u1eefng h\u00ecnh \u1ea3nh \u0111\u00f3 \u0111\u1ec3 \u0111\u00e1nh c\u1eafp th\u00f4ng tin. \u0110\u00f3 ch\u00ednh l\u00e0 l\u1eeba \u0111\u1ea3o qua t\u1ec7p h\u00ecnh \u1ea3nh SVG<\/b>\u00a0\u2013 lo\u1ea1i file th\u01b0\u1eddng d\u00f9ng cho logo ho\u1eb7c bi\u1ec3u t\u01b0\u1ee3ng tr\u00ean web.<\/p>\n

SVG \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng r\u1ed9ng r\u00e3i tr\u00ean web cho c\u00e1c bi\u1ec3u t\u01b0\u1ee3ng v\u00e0 logo s\u1eafc n\u00e9t. Kh\u00f4ng gi\u1ed1ng nh\u01b0 PNG ho\u1eb7c JPEG, SVG l\u00e0 \u0111\u1ecbnh d\u1ea1ng d\u1ef1a tr\u00ean XML v\u00e0 c\u00f3 th\u1ec3 nh\u00fang m\u00e3 JavaScript, cho ph\u00e9p ch\u00fang ch\u1ee9a m\u00e3 t\u01b0\u01a1ng t\u00e1c ho\u1eb7c trong tr\u01b0\u1eddng h\u1ee3p n\u00e0y l\u00e0 m\u00e3 \u0111\u1ed9c. T\u1ed9i ph\u1ea1m m\u1ea1ng khai th\u00e1c t\u00ednh n\u0103ng n\u00e0y b\u1eb1ng c\u00e1ch nh\u00fang m\u00e3 \u0111\u1ed9c tr\u1ef1c ti\u1ebfp v\u00e0o t\u1ec7p SVG, d\u1eabn \u0111\u1ebfn vi\u1ec7c truy c\u1eadp tr\u00e1i ph\u00e9p, \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u v\u00e0 m\u1ea1o danh danh t\u00ednh.<\/p>\n

Tr\u00ecnh duy\u1ec7t c\u00f3 th\u1ec3 hi\u1ec3n th\u1ecb SVG m\u1ed9t c\u00e1ch t\u1ef1 nhi\u00ean, v\u00e0 h\u1ea7u h\u1ebft c\u00e1c \u1ee9ng d\u1ee5ng email hi\u1ec7n nay kh\u00f4ng qu\u00e9t hay ki\u1ec3m tra an to\u00e0n v\u1edbi lo\u1ea1i t\u1ec7p n\u00e0y, khi\u1ebfn n\u00f3 tr\u1edf th\u00e0nh c\u00f4ng c\u1ee5 l\u00fd t\u01b0\u1edfng cho c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng l\u1eeba \u0111\u1ea3o.<\/p>\n

\n
\"1744614337999.png\"<\/div>\n<\/div>\n

Trong m\u1ed9t chi\u1ebfn d\u1ecbch, k\u1ebb t\u1ea5n c\u00f4ng gi\u1ea3 m\u1ea1o th\u00f4ng b\u00e1o th\u01b0 tho\u1ea1i t\u1eeb Microsoft Teams. Email l\u1eeba \u0111\u1ea3o tr\u00f4ng r\u1ea5t th\u1eadt, y\u00eau c\u1ea7u ng\u01b0\u1eddi d\u00f9ng t\u1ea3i v\u1ec1 m\u1ed9t t\u1ec7p \u00e2m thanh, nh\u01b0ng th\u1ef1c ch\u1ea5t l\u00e0 m\u1ed9t t\u1ec7p SVG \u0111\u1ed9c h\u1ea1i.<\/p>\n

T\u1ec7p SVG n\u00e0y s\u1eed d\u1ee5ng th\u1ebb <foreignObject> v\u00e0 m\u00e3 h\u00f3a base64 \u0111\u1ec3 v\u01b0\u1ee3t qua c\u00e1c c\u00f4ng c\u1ee5 b\u1ea3o m\u1eadt email. Khi \u0111\u01b0\u1ee3c m\u1edf, h\u00ecnh \u1ea3nh hi\u1ec3n th\u1ecb logo Microsoft gi\u1ea3 v\u00e0 t\u1ef1 \u0111\u1ed9ng chuy\u1ec3n h\u01b0\u1edbng ng\u01b0\u1eddi d\u00f9ng \u0111\u1ebfn m\u1ed9t trang l\u1eeba \u0111\u1ea3o \u0111\u1ec3 thu th\u1eadp th\u00f4ng tin \u0111\u0103ng nh\u1eadp.<\/p>\n

T\u1eadp l\u1ec7nh s\u1eed d\u1ee5ng th\u1ebb SVG <foreignObject> v\u00e0 m\u00e3 h\u00f3a base64, b\u1ecf qua c\u00e1c c\u00f4ng c\u1ee5 b\u1ea3o m\u1eadt email truy\u1ec1n th\u1ed1ng. Khi m\u1edf ra, h\u00ecnh \u1ea3nh s\u1ebd hi\u1ec3n th\u1ecb logo Microsoft gi\u1ea3 v\u00e0 chuy\u1ec3n h\u01b0\u1edbng n\u1ea1n nh\u00e2n \u0111\u1ebfn trang l\u1eeba \u0111\u1ea3o nh\u1eb1m thu th\u1eadp th\u00f4ng tin x\u00e1c th\u1ef1c.<\/p>\n

C\u00e1c n\u1ec1n t\u1ea3ng Phishing-as-a-Service (PhaaS) hi\u1ec7n \u0111ang khai th\u00e1c SVG bao g\u1ed3m:<\/p>\n

    \n
  • Tycoon2FA<\/li>\n
  • Mamba2FA<\/li>\n
  • Sneaky2FA<\/li>\n<\/ul>\n
    \n
    \"1744614745926.png\"<\/div>\n<\/div>\n

    C\u00e1ch th\u1ee9c t\u1ea5n c\u00f4ng c\u1ee7a tin t\u1eb7c:<\/p>\n

      \n
    • Nh\u00fang nhi\u1ec1u l\u1edbp m\u00e3 \u0111\u1ed9c \u0111\u00e3 \u0111\u01b0\u1ee3c l\u00e0m r\u1ed1i (obfuscate) v\u00e0o t\u1ec7p SVG<\/li>\n
    • Th\u1ef1c hi\u1ec7n t\u1ea5n c\u00f4ng gi\u1eefa phi\u00ean (AiTM – Attack-in-the-Middle)<\/li>\n
    • Chuy\u1ec3n h\u01b0\u1edbng ng\u01b0\u1eddi d\u00f9ng \u0111\u1ebfn c\u00e1c trang l\u1eeba \u0111\u1ea3o c\u00f3 kh\u1ea3 n\u0103ng v\u01b0\u1ee3t qua MFA<\/li>\n<\/ul>\n

      \u0110\u1ec3 \u0111\u1ed1i ph\u00f3, ng\u01b0\u1eddi \u0111\u01b0\u1ee3c khuy\u1ebfn ngh\u1ecb c\u1ea7n th\u1ef1c hi\u1ec7n c\u00e1c bi\u1ec7n ph\u00e1p:<\/p>\n

        \n
      • Ch\u1eb7n ho\u1eb7c g\u1eafn c\u1edd t\u1ec7p SVG trong email: C\u00e2n nh\u1eafc vi\u1ec7c ch\u1eb7n ho\u1eb7c g\u1eafn c\u1ea3nh b\u00e1o v\u1edbi email ch\u1ee9a SVG<\/li>\n
      • C\u1ea9n tr\u1ecdng khi xem tin nh\u1eafn, email, \u0111\u01b0\u1eddng link v\u00e0 c\u00e1c file \u0111\u00ednh k\u00e8m trong \u0111\u00f3: Lu\u00f4n nghi ng\u1edd c\u00e1c file ho\u1eb7c link b\u1ea5t ng\u1edd, kh\u00f4ng n\u00ean t\u1ea3i xu\u1ed1ng m\u00e0 ch\u01b0a th\u00f4ng qua ki\u1ec3m tra.<\/li>\n
      • X\u00e1c minh danh t\u00ednh ng\u01b0\u1eddi g\u1eedi: Ki\u1ec3m tra k\u1ef9 th\u00f4ng tin ng\u01b0\u1eddi g\u1eedi v\u00e0 n\u1ed9i dung<\/li>\n
      • \u0110\u00e0o t\u1ea1o nh\u00e2n vi\u00ean: C\u1eadp nh\u1eadt th\u01b0\u1eddng xuy\u00ean v\u1ec1 c\u00e1c k\u1ef9 thu\u1eadt l\u1eeba \u0111\u1ea3o m\u1edbi<\/li>\n
      • S\u1eed d\u1ee5ng h\u1ec7 th\u1ed1ng b\u1ea3o v\u1ec7 n\u00e2ng cao: C\u00e0i \u0111\u1eb7t c\u00e1c c\u00f4ng c\u1ee5 l\u1ecdc v\u00e0 ph\u00e1t hi\u1ec7n m\u1ed1i \u0111e d\u1ecda hi\u1ec7u qu\u1ea3<\/li>\n
      • \u00c1p d\u1ee5ng ph\u01b0\u01a1ng ph\u00e1p MFA v\u1edbi c\u00e1c l\u1edbp b\u1ed5 sung an to\u00e0n h\u01a1n: \u01afu ti\u00ean c\u00e1c ph\u01b0\u01a1ng ph\u00e1p x\u00e1c th\u1ef1c ch\u1ed1ng l\u1eeba \u0111\u1ea3o<\/li>\n<\/ul>\n
        Theo Security Online<\/i><\/b><\/div>\n","protected":false},"excerpt":{"rendered":"

        Trong th\u1eddi \u0111\u1ea1i s\u1ed1, k\u1ebb x\u1ea5u kh\u00f4ng c\u00f2n ch\u1ec9 g\u1eedi virus hay \u0111\u01b0\u1eddng link \u0111\u1ed9c h\u1ea1i, m\u00e0 m\u1ed9t t\u1ea5m h\u00ecnh t\u01b0\u1edfng ch\u1eebng v\u00f4 h\u1ea1i c\u0169ng c\u00f3 th\u1ec3 l\u00e0 c\u00e1i b\u1eaby. Nh\u1eefng t\u1ec7p h\u00ecnh \u1ea3nh nh\u1eb9, t\u01b0\u1edfng ch\u1eebng v\u00f4 h\u1ea1i n\u00e0y \u0111ang tr\u1edf th\u00e0nh c\u00f4ng c\u1ee5 \u01b0a th\u00edch c\u1ee7a t\u1ed9i ph\u1ea1m m\u1ea1ng \u0111\u1ec3 \u0111\u00e1nh c\u1eafp th\u00f4ng […]<\/p>\n","protected":false},"author":20,"featured_media":45765,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[4,35],"tags":[],"class_list":["post-45764","post","type-post","status-publish","format-standard","has-post-thumbnail","category-kien-thuc-an-toan-thong-tin","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/45764","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=45764"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/45764\/revisions"}],"predecessor-version":[{"id":45766,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/45764\/revisions\/45766"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/45765"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=45764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=45764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=45764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}