The hacker group named APT 32 start targeting Vietnamese HRDs by Spyware from February 2018 to November 2020. These hackers group is from Vietnam and targeted almost every non-profit organization located at Vietnam.

The attackers are capable to read and write compromised documents with the help of Spyware that they used. The spyware is also able to initiate various tools and programs which are further used for monitoring the victim’s activities.

According to the researcher, these attacks are conducted over the Vietnamese activists and other peoples who have abroad face while standing up for human rights. This is an unlawful activity that creates a hindrance to privacy and manipulates the freedom of expression.

The expert also added that the Vietnamese government must start an independent investigation to catch the hackers and any suspect captured will reduce the risk of upcoming attacks.

How the Hackers use Spyware?

These types of attacks are ongoing and focused on the Vietnamese HRDs, nonprofit organizations, bloggers, and other peoples. APT 32 is used to trap the pro-democracy activist Bui Thanh Hieu, who is working with VOICE NPO and several unidentified bloggers.

Tips to Protect Yourself From Phishing Attacks

Read these expert tips to protect yourself from Phishing Attacks.

• Employ Security Software : Install security software that updates automatically and deal with all the upcoming phishing threats. Antivirus software is capable to detect phishing activity online or offline.
• Use Mult-Factor Authentication : Apply multi-factor authentication to an account that reduces the risk of a phishing attack. Multi-factor authentication requires two or more credentials to log in to an account.
• Never Share Any Information : Do not disclose your personal information (like birthdays, education, employment, and account-related data) over Facebook or any other social sites.
• Don’t Open Attachments : Beware of the attachments sent through the emails. Scan the attachments with the security software before downloading them.
• Take Regular Backup : Make sure that your data is backup regularly to avoid unwanted phishing attacks. Always backup your data to removal storage and keep it in a safe place.
• Don’t Click on Link : Instead of clicking a link directly, you can hover your mouse cursor and check the link is malicious or not. Never open a link directly without conforming to it and check the link starts with HTTPS.
• Avoid Pop-Ups : Never click on a random pop-up that comes to your screen while surfing over the internet. Instead of clicking on the “cancel” button always choose to hit the “X” button.
• Update Software Regularly : Continually, update your software as required because the updates fixed the patches accordingly and reduce the risk of a phishing attack.
• Conduct User Awareness :The best way to reduce phishing attacks is awareness. Conduct regular programs and aware your employees of this threat.
• Apply Phishing Filter : Install and configure the phishing filter for your email application and also for the web browser. This filer protects you from random phishing attack and also reduce the malicious phishing attempts.

Who Exposed APT32 Real Identity?

In December 2020, the Facebook security team exposed the identity of this group when they were trying to link the Vietnamese IT organization.

Facebook exposed the real identity of the APT32 group, it is a Vietnamese-based advance attacker group used for targeting high-profile foreign companies that are investing in several sectors of Vietnam industries, Vietnamese human rights organizations, and other worldwide research institute and media organizations.

The group is also responsible for breaching the networks of Toyota and Lexus sales subsidiaries, the network of Hyundai and BMW which are linked through Crowdstrike while making the automotive targets.

After that the APT32 also targeted the harvest intelligence department, dealing with the COVID-19 crises through the spear-phishing attacks that targeted the China Ministry of Emergency Management and Wuhan province government group.

Whereas FireEye also identified the group that targeted the operations running against the journalists of Vietnam diaspora members that spoke about threat free speech and other political activism.

Several experts are failed to prove the direct connection between Ocean Lotus and CyberOne. The attacks are discovered through the investigation confirm the pattern of the hackers, that they start targeting individual organizations located in Vietnamese.