VietCredCare cyber threat shakes up Vietnam’s social media scene

1 min read


  • A new cyber threat, VietCredCare, is causing concern in Vietnam, targeting social media business profiles
  • The malware steals session cookies and credentials, with a focus on accounts with positive Meta ad credit balances

A new cyber threat known as VietCredCare is currently posing a significant risk in Vietnam, particularly for those who manage business profiles on popular social media platforms. This advanced malware, detected by Group-IB’s High-Tech Crime Investigation team, has been actively targeting Vietnamese users since August 2022.

VietCredCare is designed to steal session cookies and credentials, with a specific focus on accounts that have positive Meta ad credit balances. However, it is not merely a tool for information theft; it also aims to take control of business accounts on Facebook for political content dissemination or financial misconduct, including phishing and financial crimes.

The malware has caused a widespread impact across Vietnam, affecting 44 different provinces with a strong presence in major urban areas like Hanoi, Ho Chi Minh City, and Da Nang. VietCredCare is promoted as a Stealer-as-a-Service, allowing cybercriminals easy access to exploit stolen data.

Group-IB has taken proactive measures to address this growing threat, alerting affected entities and collaborating with Vietnamese law enforcement agencies. The intricate phishing attacks using VietCredCare highlight the evolving dangers in the cyber landscape, emphasizing the need for increased security awareness among internet users.

The malware is managed through a unique Telegram bot, facilitating the exfiltration and delivery of stolen device credentials. To combat cybercrime and protect organizations in both the public and private sectors, Group-IB stresses the importance of enabling two-factor authentication and avoiding suspicious links.

Previous Story

Cybersecurity startup Dazz names Jared Phipps Chief Revenue Officer

Next Story

Feds confirm: AT&T outage not linked to cyberattack

Latest from News