{"id":10358,"date":"2025-05-14T19:57:47","date_gmt":"2025-05-14T12:57:47","guid":{"rendered":"https:\/\/infosec.new88088.net\/?p=10358"},"modified":"2026-02-03T20:25:50","modified_gmt":"2026-02-03T13:25:50","slug":"hacker-loi-dung-trao-luu-ai-de-cai-ma-doc-chiem-tai-khoan-va-vi-tien-ao","status":"publish","type":"post","link":"https:\/\/infosec.new88088.net\/2025\/05\/14\/hacker-loi-dung-trao-luu-ai-de-cai-ma-doc-chiem-tai-khoan-va-vi-tien-ao\/","title":{"rendered":"Hacker l\u1ee3i d\u1ee5ng tr\u00e0o l\u01b0u AI \u0111\u1ec3 c\u00e0i m\u00e3 \u0111\u1ed9c chi\u1ebfm t\u00e0i kho\u1ea3n v\u00e0 v\u00ed ti\u1ec1n \u1ea3o"},"content":{"rendered":"

M\u1ed9t chi\u1ebfn d\u1ecbch t\u1ea5n c\u00f4ng m\u1ea1ng tinh vi m\u1edbi \u0111ang l\u1ee3i d\u1ee5ng l\u00e0n s\u00f3ng quan t\u00e2m t\u1edbi tr\u00ed tu\u1ec7 nh\u00e2n t\u1ea1o (AI) \u0111\u1ec3 ph\u00e1t t\u00e1n ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i, trong \u0111\u00f3 n\u1ed5i b\u1eadt l\u00e0 m\u00e3 \u0111\u1ed9c \u0111\u00e1nh c\u1eafp th\u00f4ng tin Noodlophile Stealer ch\u01b0a t\u1eebng \u0111\u01b0\u1ee3c ghi nh\u1eadn tr\u01b0\u1edbc \u0111\u00e2y, k\u1ebft h\u1ee3p v\u1edbi trojan truy c\u1eadp t\u1eeb xa XWorm. Tin t\u1eb7c t\u1ea1o ra c\u00e1c trang web gi\u1ea3 m\u1ea1o n\u1ec1n t\u1ea3ng t\u1ea1o video b\u1eb1ng AI, \u0111\u00e1nh v\u00e0o t\u00e2m l\u00fd t\u00f2 m\u00f2 v\u00e0 nhu c\u1ea7u s\u1eed d\u1ee5ng c\u00f4ng c\u1ee5 AI mi\u1ec5n ph\u00ed c\u1ee7a ng\u01b0\u1eddi d\u00f9ng.<\/p>\n

\"\"<\/p>\n

Chi\u1ebfn d\u1ecbch b\u1eaft \u0111\u1ea7u b\u1eb1ng vi\u1ec7c qu\u1ea3ng b\u00e1 c\u00e1c website gi\u1ea3 th\u00f4ng qua c\u00e1c nh\u00f3m Facebook ho\u1eb7c b\u00e0i \u0111\u0103ng lan truy\u1ec1n m\u1ea1nh, thu h\u00fat h\u00e0ng ch\u1ee5c ngh\u00ecn l\u01b0\u1ee3t xem. Ng\u01b0\u1eddi d\u00f9ng \u0111\u01b0\u1ee3c m\u1eddi t\u1ea3i l\u00ean h\u00ecnh \u1ea3nh ho\u1eb7c video \u0111\u1ec3 \u201cAI x\u1eed l\u00fd\u201d, sau \u0111\u00f3 \u0111\u01b0\u1ee3c y\u00eau c\u1ea7u t\u1ea3i v\u1ec1 m\u1ed9t t\u1ec7p n\u00e9n ZIP ch\u1ee9a \u201cvideo do AI t\u1ea1o ra\u201d. Tr\u00ean th\u1ef1c t\u1ebf, b\u00ean trong l\u00e0 m\u1ed9t file th\u1ef1c thi \u0111\u1ed9c h\u1ea1i c\u00f3 t\u00ean g\u00e2y hi\u1ec3u nh\u1ea7m nh\u01b0 Video Dream MachineAI.mp4.exe<\/em>, l\u1ee3i d\u1ee5ng vi\u1ec7c \u1ea9n ph\u1ea7n m\u1edf r\u1ed9ng t\u1ec7p \u0111\u1ec3 \u0111\u00e1nh l\u1eeba ng\u01b0\u1eddi d\u00f9ng. Khi m\u1edf file, m\u00e3 \u0111\u1ed9c s\u1ebd \u0111\u01b0\u1ee3c k\u00edch ho\u1ea1t ngay l\u1eadp t\u1ee9c.<\/p>\n

\"\"

Website gi\u1ea3 m\u1ea1o<\/p><\/div>\n

Noodlophile Stealer l\u00e0 m\u1ed9t lo\u1ea1i malware chuy\u00ean \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m, bao g\u1ed3m th\u00f4ng tin \u0111\u0103ng nh\u1eadp, cookie tr\u00ecnh duy\u1ec7t, v\u00ed ti\u1ec1n \u0111i\u1ec7n t\u1eed, token phi\u00ean v\u00e0 c\u00e1c t\u1ec7p quan tr\u1ecdng tr\u00ean m\u00e1y n\u1ea1n nh\u00e2n. \u0110i\u1ec3m \u0111\u00e1ng ch\u00fa \u00fd l\u00e0 m\u00e3 \u0111\u1ed9c n\u00e0y s\u1eed d\u1ee5ng bot Telegram l\u00e0m k\u00eanh \u0111i\u1ec1u khi\u1ec3n v\u00e0 thu th\u1eadp d\u1eef li\u1ec7u, gi\u00fap tin t\u1eb7c \u1ea9n danh v\u00e0 n\u00e9 tr\u00e1nh c\u00e1c c\u01a1 ch\u1ebf gi\u00e1m s\u00e1t truy\u1ec1n th\u1ed1ng.<\/p>\n

Trong c\u00e1c bi\u1ebfn th\u1ec3 nguy hi\u1ec3m h\u01a1n, Noodlophile \u0111\u01b0\u1ee3c tri\u1ec3n khai k\u00e8m XWorm \u2013 m\u1ed9t trojan truy c\u1eadp t\u1eeb xa d\u1ea1ng m\u00f4-\u0111un. XWorm c\u00f3 kh\u1ea3 n\u0103ng ti\u00eam m\u00e3 v\u00e0o ti\u1ebfn tr\u00ecnh h\u1ec7 th\u1ed1ng, \u1ea9n ho\u1ea1t \u0111\u1ed9ng b\u1eb1ng k\u1ef9 thu\u1eadt PE hollowing, t\u1ef1 nh\u00e2n b\u1ea3n v\u00e0 di chuy\u1ec3n ngang trong m\u1ea1ng n\u1ed9i b\u1ed9. Chu\u1ed7i l\u00e2y nhi\u1ec5m \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf nhi\u1ec1u t\u1ea7ng v\u1edbi c\u00e1c t\u1ec7p ng\u1ee5y trang tinh vi, t\u1eeb file gi\u1ea3 m\u1ea1o \u1ee9ng d\u1ee5ng, t\u00e0i li\u1ec7u Office, PDF cho \u0111\u1ebfn script Python \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a v\u00e0 th\u1ef1c thi tr\u1ef1c ti\u1ebfp trong b\u1ed9 nh\u1edb nh\u1eb1m n\u00e9 tr\u00e1nh ph\u00e2n t\u00edch b\u1ea3o m\u1eadt.<\/p>\n

Giai \u0111o\u1ea1n cu\u1ed1i c\u1ee7a cu\u1ed9c t\u1ea5n c\u00f4ng s\u1eed d\u1ee5ng m\u1ed9t tr\u00ecnh t\u1ea3i payload \u0111\u1ec3 ti\u00eam Noodlophile (v\u00e0 t\u00f9y ch\u1ecdn th\u00eam XWorm) tr\u1ef1c ti\u1ebfp v\u00e0o b\u1ed9 nh\u1edb, gi\u00fap m\u00e3 \u0111\u1ed9c ho\u1ea1t \u0111\u1ed9ng \u00e2m th\u1ea7m m\u00e0 kh\u00f4ng \u0111\u1ec3 l\u1ea1i d\u1ea5u v\u1ebft tr\u00ean \u1ed5 \u0111\u0129a. C\u00e1c d\u1ea5u hi\u1ec7u cho th\u1ea5y chi\u1ebfn d\u1ecbch c\u00f3 th\u1ec3 li\u00ean quan t\u1edbi m\u00f4 h\u00ecnh malware-as-a-service, nhi\u1ec1u kh\u1ea3 n\u0103ng xu\u1ea5t ph\u00e1t t\u1eeb m\u1ed9t t\u00e1c nh\u00e2n n\u00f3i ti\u1ebfng Vi\u1ec7t ho\u1ea1t \u0111\u1ed9ng tr\u00ean ch\u1ee3 \u0111en m\u1ea1ng.<\/p>\n

Tr\u01b0\u1edbc m\u1ed1i \u0111e d\u1ecda n\u00e0y, ng\u01b0\u1eddi d\u00f9ng \u0111\u01b0\u1ee3c khuy\u1ebfn c\u00e1o c\u1ea7n h\u1ebft s\u1ee9c c\u1ea3nh gi\u00e1c v\u1edbi c\u00e1c n\u1ec1n t\u1ea3ng AI mi\u1ec5n ph\u00ed kh\u00f4ng r\u00f5 ngu\u1ed3n g\u1ed1c, \u0111\u1eb7c bi\u1ec7t l\u00e0 nh\u1eefng d\u1ecbch v\u1ee5 y\u00eau c\u1ea7u t\u1ea3i v\u1ec1 t\u1ec7p th\u1ef1c thi. Vi\u1ec7c ki\u1ec3m tra k\u1ef9 ngu\u1ed3n g\u1ed1c, \u0111\u1ecbnh d\u1ea1ng t\u1ec7p v\u00e0 tr\u00e1nh ch\u1ea1y file .exe t\u1eeb c\u00e1c trang web kh\u00f4ng \u0111\u00e1ng tin c\u1eady l\u00e0 y\u1ebfu t\u1ed1 then ch\u1ed1t \u0111\u1ec3 gi\u1ea3m nguy c\u01a1 b\u1ecb \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u v\u00e0 x\u00e2m nh\u1eadp h\u1ec7 th\u1ed1ng.<\/p>\n","protected":false},"excerpt":{"rendered":"

M\u1ed9t chi\u1ebfn d\u1ecbch t\u1ea5n c\u00f4ng m\u1ea1ng tinh vi m\u1edbi \u0111ang l\u1ee3i d\u1ee5ng l\u00e0n s\u00f3ng quan t\u00e2m t\u1edbi tr\u00ed tu\u1ec7 nh\u00e2n t\u1ea1o (AI) \u0111\u1ec3 ph\u00e1t t\u00e1n ph\u1ea7n m\u1ec1m \u0111\u1ed9c h\u1ea1i, trong \u0111\u00f3 n\u1ed5i b\u1eadt l\u00e0 m\u00e3 \u0111\u1ed9c \u0111\u00e1nh c\u1eafp th\u00f4ng tin Noodlophile Stealer ch\u01b0a t\u1eebng \u0111\u01b0\u1ee3c ghi nh\u1eadn tr\u01b0\u1edbc \u0111\u00e2y, k\u1ebft h\u1ee3p v\u1edbi trojan truy c\u1eadp […]<\/p>\n","protected":false},"author":46,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33],"tags":[],"class_list":["post-10358","post","type-post","status-publish","format-standard","hentry","category-tin-tuc-cua-vien"],"_links":{"self":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts\/10358","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/users\/46"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/comments?post=10358"}],"version-history":[{"count":0,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts\/10358\/revisions"}],"wp:attachment":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/media?parent=10358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/categories?post=10358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/tags?post=10358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}