After more than a month of discovering that many website addresses of Vietnamese management agencies and educational institutions with the domain names ".edu.vn" and ".gov.vn" were inserted with gambling and betting advertisements, there are still hundreds of websites being attacked, continuing to increase compared to statistics in April 2023, according to the latest report published by the Vietnam National Cyber Security Technology Company (NCS).
Security experts have used automated analysis tools, focusing only on scanning the surface of websites provided on the internet. This means that some websites may have been hacked, hidden but have not shown any external signs and will not be included in the above statistics.
Many government agency websites are still infected with malicious code advertising gambling and betting.
According to experts, the set of keywords to guide SEO (Search Engine Optimization) searches inserted on the websites is in Vietnamese, but the new point is that the gambling websites redirected to by this attack campaign mostly have English interfaces, without a menu to switch to the Vietnamese interface.
"Hacker attacks and the insertion of gambling and betting advertisements are not new and have been widely warned about, however, the results of this review show that the reactions in the education sector and state agencies are relatively different," said a representative of the security company.
Specifically, while the state sector has been quite active and has reduced the number of affected websites by more than 50% (only 76 left), the education sector has been the opposite, with a slight increase of 11% (190 websites with malicious code inserted) compared to more than 1 month ago. This partly reflects the current situation of information security personnel in agencies and organizations in Vietnam.
"State agencies have specialized IT departments so they are better able to handle and remove malware, while educational institutions almost do not have such specialized departments so the situation has not improved much after being warned," security expert Vu Ngoc Son assessed.
In addition, some websites show signs of being attacked many times, showing that the way administrators and problem-solving are not really thorough, leading to the system still containing vulnerabilities and hackers can re-infiltrate. NCS recommends that administrators need to review everything, from infrastructure design, security configuration, operating procedures to website source code, fully update vulnerability patches, and build 24/7 monitoring plans to proactively and promptly detect.
Source link
![[Photo] Binh Trieu 1 Bridge has been completed, raised by 1.1m, and will open to traffic at the end of November.](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/10/2/a6549e2a3b5848a1ba76a1ded6141fae)
Comment (0)