Vietnamese cybersecurity corporation Bkav has uncovered spyware being disseminated via a fake website of the Ministry of Public Security with the aim to secretly gather victims' sensitive data.

The spyware can be planted in a victim's smartphone to track and collect their data and then transfer it to the hackers' remote server, Bkav said in a statement on Tuesday,.

Bkav estimated there had been over 300 victims of the spyware, which is named VN84App.

Analysis by the firm’s cybersecurity experts shows that VN84App has been disseminated via many websites under the guise of public authorities, including one that pretends to be the official portal of Vietnam’s Ministry of Public Security.

Hackers trick online users into accessing the fake websites and lure them into downloading the VN84App app as an .apk file.

Once downloaded and installed, the spyware silently gathers sensitive data such as messages, contacts, the device’s IMEI number, and more and sends the stolen information to the hackers’ remote server.

Bkav’s experts also found that one of the hackers’ servers had a Chinese interface and the messages collected by the spyware contained information on bank transactions worth billions of Vietnam dong. (VND1 billion = US$43,000)

“VN84App is dangerous spyware built to gather the victims' messages, including sensitive information such as one-time passwords for bank transactions and personal messages,” said Nguyen Van Cuong, head of the Bkav analysis team.

“The malicious software is also programmed to include other modules capable of conducting potential further attacks later on,” Cuong added.

Bkav said it is working with competent authorities to intercept and deal with the VN84App spyware.

Like us on Facebook or follow us on Twitter to get the latest news about Vietnam!