{"id":47794,"date":"2026-04-30T22:53:30","date_gmt":"2026-04-30T15:53:30","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=47794"},"modified":"2026-05-05T22:54:24","modified_gmt":"2026-05-05T15:54:24","slug":"canh-bao-ma-doc-pha-huy-du-lieu-vinh-vien-tren-windows-linux-va-esxi","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/canh-bao-ma-doc-pha-huy-du-lieu-vinh-vien-tren-windows-linux-va-esxi\/","title":{"rendered":"Warning: malware that permanently destroys data on Windows, Linux and ESXi"},"content":{"rendered":"<div><b>A new attack campaign named VECT 2.0 has the global cybersecurity community &#8220;deeply alarmed&#8221;: it masquerades as ransomware but is in reality a data wiper &#8211; malware that destroys data beyond recovery, especially files larger than 131KB.<\/b><br \/>\n<\/div>\n<div>\n<div class=\"bbImageWrapper  js-lbImage\" title=\"1777428935605.png\" data-src=\"https:\/\/whitehat.vn\/attachments\/1777428935605-png.18930\/\" data-lb-sidebar-href=\"\" data-lb-caption-extra-html=\"\" data-single-image=\"1\"><img loading=\"lazy\" decoding=\"async\" class=\"bbImage\" title=\"1777428935605.png\" src=\"https:\/\/whitehat.vn\/attachments\/1777428935605-png.18930\/\" alt=\"1777428935605.png\" width=\"903\" height=\"522\" data-url=\"\" data-zoom-target=\"1\" \/><\/div>\n<p><\/p><\/div>\n<div>\nAccording to expert analysis, VECT 2.0 is a cross-platform attack campaign that can operate on Windows, Linux and ESXi. 
Although it is marketed as ransomware, the malware contains a serious technical flaw in its encryption mechanism that causes most data to be permanently erased, even if the victim agrees to pay the ransom. More worrying still, VECT 2.0 is operated under a Ransomware-as-a-Service (RaaS) model, which lets many other actors easily take part in attacks at low cost and so increases the risk of widespread infection.<\/p>\n<p>Specifically, the malware splits each large file into 4 parts (chunks) and encrypts them with the ChaCha20 algorithm. However, it stores only the final \u201cnonce\u201d value, while the other three values, which are required for decryption, are discarded completely. As a result, at least 75% of the file's content cannot be recovered; this applies to every file larger than 131KB, that is, almost all enterprise data.<\/p>\n<p>Notably, the group behind VECT 2.0 claims to use the strong ChaCha20-Poly1305 encryption standard, but in practice implements a weaker version with no data authentication mechanism. 
This points to a lack of professionalism, or possibly to the use of unfinished automatically generated (AI) code.<\/p>\n<p>On Windows, VECT 2.0 can encrypt data on local hard drives, removable storage devices and the network as well, while establishing persistence by forcing the system to reboot into Safe Mode. Meanwhile, the ESXi and Linux variants can spread over SSH and evade analysis through geofencing, that is, automatically avoiding execution in certain countries.<\/p>\n<p>With many businesses in Vietnam still relying on the possibility of decryption after paying a ransom, the emergence of VECT 2.0 is a red alert. 
With this type of malware, paying the ransom offers no chance whatsoever of recovering data, especially for files over 131KB &#8211; the most important group of data in the system.<\/p>\n<p>Technical teams in Vietnam need to shift their focus from post-attack response to proactive defence and recoverability:<\/p><\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div>Implement regular offline backups, ensuring the data cannot be accessed from a malware-infected system<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Regularly test the recovery process to make sure systems can be brought back into operation in a short time<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Strengthen security monitoring (EDR\/XDR, SIEM) to detect anomalous behaviour early, especially unauthorised access over SSH or lateral movement within the network<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Establish a rapid isolation procedure, including disconnecting suspected infected machines from the internal network as soon as signs of an attack are detected<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Tightly control access rights and limit the use of privileged accounts, reducing the risk of 
widespread exploitation<\/div>\n<\/li>\n<\/ul>\n<div>Not every ransomware strain can be \u201cdecrypted if you pay\u201d. With variants like VECT 2.0, data loss is permanent, and only a multi-layered defence strategy combined with a secure backup system is a true \u201clifeline\u201d.<br \/>\n<\/div>\n<div><b><i>The Hacker News<\/i><\/b><\/div>\n","protected":false},"excerpt":{"rendered":"<p>A new attack campaign named VECT 2.0 has the global cybersecurity community &#8220;deeply alarmed&#8221;: it masquerades as ransomware but is in reality a data wiper &#8211; malware that destroys data beyond recovery, especially files larger than 
[&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":47795,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[3,24,35],"tags":[],"class_list":["post-47794","post","type-post","status-publish","format-standard","has-post-thumbnail","category-canh-bao-khuyen-nghi","category-tin-noi-bat","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47794","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=47794"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47794\/revisions"}],"predecessor-version":[{"id":47796,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47794\/revisions\/47796"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/47795"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=47794"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=47794"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=47794"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}