{"id":5797,"date":"2026-04-11T17:28:31","date_gmt":"2026-04-11T10:28:31","guid":{"rendered":"https:\/\/chongluadao.vn\/blog\/?p=5797"},"modified":"2026-04-11T17:28:32","modified_gmt":"2026-04-11T10:28:32","slug":"malware-as-a-service-maas-khi-toi-pham-mang-tro-thanh-mot-dich-vu-chuyen-nghiep","status":"publish","type":"post","link":"https:\/\/chongluadao.vn\/blog\/en\/2026\/04\/malware-as-a-service-maas-khi-toi-pham-mang-tro-thanh-mot-dich-vu-chuyen-nghiep\/","title":{"rendered":"Malware-as-a-Service (MaaS): When cybercrime becomes a professional &quot;service&quot;."},"content":{"rendered":"<p>Did you know that today, someone who doesn&#039;t know a single line of code can launch a sophisticated cyberattack targeting a multi-million dollar business? No programming skills required. No security knowledge needed. Just\u2026 money and a link to the dark web.<\/p>\n\n\n<style>.wp-block-kadence-advancedheading.kt-adv-heading5797_38df22-55, .wp-block-kadence-advancedheading.kt-adv-heading5797_38df22-55[data-kb-block=\"kb-adv-heading5797_38df22-55\"]{font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading5797_38df22-55 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading5797_38df22-55[data-kb-block=\"kb-adv-heading5797_38df22-55\"] mark.kt-highlight{font-style:normal;color:#dc3545;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading5797_38df22-55 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading5797_38df22-55[data-kb-block=\"kb-adv-heading5797_38df22-55\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading5797_38df22-55 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading5797_38df22-55\">That&#039;s the terrifying reality that the model <strong><mark true=\"true\" class=\"kt-highlight\">Malware-as-a-Service<\/mark><\/strong> (MaaS) has created, and it is completely changing the face of cybercrime worldwide, including in Vietnam. <a href=\"http:\/\/chongluadao.vn\/blog\/en\/\"><strong>Anti-Phishing<\/strong><\/a> Learn about this model of professional crime.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is MaaS? In the simplest terms.<\/h2>\n\n\n\n<p>If you&#039;ve ever used Netflix, Spotify, or Google Workspace, you&#039;re probably familiar with this model. <strong>SaaS (Software-as-a-Service)<\/strong>: Pay a monthly fee and use someone else&#039;s software without having to build or maintain it yourself.<\/p>\n\n\n<style>.wp-block-kadence-advancedheading.kt-adv-heading5797_f7cea9-d4, .wp-block-kadence-advancedheading.kt-adv-heading5797_f7cea9-d4[data-kb-block=\"kb-adv-heading5797_f7cea9-d4\"]{font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading5797_f7cea9-d4 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading5797_f7cea9-d4[data-kb-block=\"kb-adv-heading5797_f7cea9-d4\"] mark.kt-highlight{font-style:normal;color:#dc3545;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading5797_f7cea9-d4 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading5797_f7cea9-d4[data-kb-block=\"kb-adv-heading5797_f7cea9-d4\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading5797_f7cea9-d4 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading5797_f7cea9-d4\"><strong><mark true=\"true\" class=\"kt-highlight\">Malware-as-a-Service (MaaS)<\/mark> <\/strong>It works exactly the same way. But instead of movies or office supplies, what&#039;s being &quot;rented&quot; here is... <strong><mark true=\"true\" class=\"kt-highlight\">malware<\/mark><\/strong><mark true=\"true\" class=\"kt-highlight\"><strong> (malware)<\/strong><\/mark> and the entire infrastructure needed to launch a cyberattack.<\/p>\n\n\n\n<p>To be more specific: MaaS is a business model in the underground world where highly skilled hackers develop, package, and rent out cyberattack tools, along with user manuals, 24\/7 technical support, and sometimes even a &quot;money-back guarantee if you&#039;re not satisfied.&quot;\u201c<\/p>\n\n\n\n<p>In the Maas model, the buyer simply pays a fee, receives the tools, and is free to attack any target they want. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">MaaS operating model<\/h2>\n\n\n\n<p>To understand how MaaS works, imagine it as a software company\u2026 but operating entirely in the shadows.<\/p>\n\n\n\n<p><strong>MaaS Operators<\/strong> These are organized hacker groups, usually consisting of:<\/p>\n\n\n<style>.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_0f3e37-19:not(.this-stops-third-party-issues){margin-top:0px;margin-bottom:0px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_0f3e37-19 ul.kt-svg-icon-list:not(.this-prevents-issues):not(.this-stops-third-party-issues):not(.tijsloc){margin-top:0px;margin-right:0px;margin-bottom:var(--global-kb-spacing-sm, 1.5rem);margin-left:0px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_0f3e37-19 ul.kt-svg-icon-list{grid-row-gap:5px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_0f3e37-19 ul.kt-svg-icon-list .kt-svg-icon-list-item-wrap .kt-svg-icon-list-single{margin-right:10px;}.kt-svg-icon-list-items5797_0f3e37-19 ul.kt-svg-icon-list .kt-svg-icon-list-level-0 .kt-svg-icon-list-single svg{font-size:20px;}<\/style>\n<div class=\"wp-block-kadence-iconlist kt-svg-icon-list-items kt-svg-icon-list-items5797_0f3e37-19 kt-svg-icon-list-columns-1 alignnone\"><ul class=\"kt-svg-icon-list\"><style>.kt-svg-icon-list-item-5797_cf67d4-95 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_cf67d4-95 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong>Malware programmer<\/strong>: writing and maintaining malware<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_fe49ae-97 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_fe49ae-97 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong>System Management<\/strong>: maintain attack infrastructure<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_fc5ec3-95 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_fc5ec3-95 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong>Support staff<\/strong>Answering customer questions via Telegram or dark web forums.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_7a3b68-b5 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_7a3b68-b5 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong>Manage<\/strong>: coordinating activities and resolving disputes<\/span><\/li>\n<\/ul><\/div>\n\n\n\n<p><strong>Affiliates (Partners\/Customers)<\/strong> They are the ones who hire the service. They don&#039;t need to know how to code; they just need money to buy the &quot;attack kit&quot; and a target in mind.<\/p>\n\n\n\n<p>All transactions took place on <a href=\"https:\/\/en.wikipedia.org\/wiki\/Dark_web\" target=\"_blank\" rel=\"noreferrer noopener\">dark web<\/a>, payment by <a href=\"https:\/\/en.wikipedia.org\/wiki\/Digital_currency\" target=\"_blank\" rel=\"noreferrer noopener\">cryptocurrency<\/a> To conceal their identities, MaaS operators offer a variety of flexible payment options:<\/p>\n\n\n<style>.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_105c45-e4:not(.this-stops-third-party-issues){margin-top:0px;margin-bottom:0px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_105c45-e4 ul.kt-svg-icon-list:not(.this-prevents-issues):not(.this-stops-third-party-issues):not(.tijsloc){margin-top:0px;margin-right:0px;margin-bottom:var(--global-kb-spacing-sm, 1.5rem);margin-left:0px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_105c45-e4 ul.kt-svg-icon-list{grid-row-gap:5px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_105c45-e4 .kb-svg-icon-wrap{color:#dc3545;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_105c45-e4 ul.kt-svg-icon-list .kt-svg-icon-list-item-wrap .kt-svg-icon-list-single{margin-right:10px;}.kt-svg-icon-list-items5797_105c45-e4 ul.kt-svg-icon-list .kt-svg-icon-list-level-0 .kt-svg-icon-list-single svg{font-size:20px;}<\/style>\n<div class=\"wp-block-kadence-iconlist kt-svg-icon-list-items kt-svg-icon-list-items5797_105c45-e4 kt-svg-icon-list-columns-1 alignnone kt-list-icon-aligntop\"><ul class=\"kt-svg-icon-list\"><style>.kt-svg-icon-list-item-5797_8a8d17-e0 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_8a8d17-e0 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fas_money-bill kt-svg-icon-list-single\"><svg viewbox=\"0 0 640 512\"  fill=\"currentColor\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><path d=\"M608 64H32C14.33 64 0 78.33 0 96v320c0 17.67 14.33 32 32 32h576c17.67 0 32-14.33 32-32V96c0-17.67-14.33-32-32-32zM48 400v-64c35.35 0 64 28.65 64 64H48zm0-224v-64h64c0 35.35-28.65 64-64 64zm272 176c-44.19 0-80-42.99-80-96 0-53.02 35.82-96 80-96s80 42.98 80 96c0 53.03-35.83 96-80 96zm272 48h-64c0-35.35 28.65-64 64-64v64zm0-224c-35.35 0-64-28.65-64-64h64v64z\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong>One-off purchase:<\/strong> Pay a fixed amount and own the hacking tool permanently. This is usually applied to lower-tier tools or when a new version is released.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_056f4f-be .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_056f4f-be kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fas_money-bill kt-svg-icon-list-single\"><svg viewbox=\"0 0 640 512\"  fill=\"currentColor\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><path d=\"M608 64H32C14.33 64 0 78.33 0 96v320c0 17.67 14.33 32 32 32h576c17.67 0 32-14.33 32-32V96c0-17.67-14.33-32-32-32zM48 400v-64c35.35 0 64 28.65 64 64H48zm0-224v-64h64c0 35.35-28.65 64-64 64zm272 176c-44.19 0-80-42.99-80-96 0-53.02 35.82-96 80-96s80 42.98 80 96c0 53.03-35.83 96-80 96zm272 48h-64c0-35.35 28.65-64 64-64v64zm0-224c-35.35 0-64-28.65-64-64h64v64z\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong>Monthly\/Annual Subscription:<\/strong> The most common types include infostealers, keyloggers, and phishing kits. Fees typically range from $150\u2013$1,000 per month, including the tools, management dashboard, and regular updates.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_a717c9-41 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_a717c9-41 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fas_money-bill kt-svg-icon-list-single\"><svg viewbox=\"0 0 640 512\"  fill=\"currentColor\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><path d=\"M608 64H32C14.33 64 0 78.33 0 96v320c0 17.67 14.33 32 32 32h576c17.67 0 32-14.33 32-32V96c0-17.67-14.33-32-32-32zM48 400v-64c35.35 0 64 28.65 64 64H48zm0-224v-64h64c0 35.35-28.65 64-64 64zm272 176c-44.19 0-80-42.99-80-96 0-53.02 35.82-96 80-96s80 42.98 80 96c0 53.03-35.83 96-80 96zm272 48h-64c0-35.35 28.65-64 64-64v64zm0-224c-35.35 0-64-28.65-64-64h64v64z\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong>Revenue Share<\/strong>This is a typical model of <strong>Ransomware-as-a-Service (RaaS)<\/strong>. Instead of collecting upfront fees, the operator receives 10\u201330% in ransom from each successful attack. The affiliate retains 70\u201390%, but is only paid upon successful completion of the attack. Therefore, the operator has an incentive to provide the highest quality malware.<\/span><\/li>\n<\/ul><\/div>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"2752\" height=\"1536\" src=\"https:\/\/chongluadao.vn\/blog\/wp-content\/uploads\/2026\/04\/unnamed-26.png\" alt=\"MaaS: \u0110\u1ebf ch\u1ebf t\u1ed9i ph\u1ea1m 4.0\" class=\"wp-image-5799\"\/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Why are MaaS so dangerous?<\/h2>\n\n\n<style>.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_6c9f24-8a:not(.this-stops-third-party-issues){margin-top:0px;margin-bottom:0px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_6c9f24-8a ul.kt-svg-icon-list:not(.this-prevents-issues):not(.this-stops-third-party-issues):not(.tijsloc){margin-top:0px;margin-right:0px;margin-bottom:var(--global-kb-spacing-sm, 1.5rem);margin-left:0px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_6c9f24-8a ul.kt-svg-icon-list{grid-row-gap:5px;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_6c9f24-8a .kb-svg-icon-wrap{color:#dc3545;}.wp-block-kadence-iconlist.kt-svg-icon-list-items5797_6c9f24-8a ul.kt-svg-icon-list .kt-svg-icon-list-item-wrap .kt-svg-icon-list-single{margin-right:10px;}.kt-svg-icon-list-items5797_6c9f24-8a ul.kt-svg-icon-list .kt-svg-icon-list-level-0 .kt-svg-icon-list-single svg{font-size:20px;}<\/style>\n<div class=\"wp-block-kadence-iconlist kt-svg-icon-list-items kt-svg-icon-list-items5797_6c9f24-8a kt-svg-icon-list-columns-1 alignnone\"><ul class=\"kt-svg-icon-list\"><style>.kt-svg-icon-list-item-5797_64695a-42 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#dc3545;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_64695a-42\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_alertTriangle kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><path d=\"M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z\"\/><line x1=\"12\" y1=\"9\" x2=\"12\" y2=\"13\"\/><line x1=\"12\" y1=\"17\" x2=\"12\" y2=\"17\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong><mark true=\"true\" class=\"kt-highlight\">Democratizing cybercrime<\/mark><\/strong><\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_e4b792-14 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_e4b792-14 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">MaaS has broken down the technical barriers for cybercriminals.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_78785d-de .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_78785d-de kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">Someone with no programming knowledge can now launch an enterprise-level attack in just a few hours, with an initial cost of a few hundred dollars.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_1f4648-80 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#dc3545;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_1f4648-80\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_alertTriangle kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><path d=\"M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z\"\/><line x1=\"12\" y1=\"9\" x2=\"12\" y2=\"13\"\/><line x1=\"12\" y1=\"17\" x2=\"12\" y2=\"17\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong><mark true=\"true\" class=\"kt-highlight\">Scale and speed of escalation<\/mark><\/strong><\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_639deb-78 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_639deb-78 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">When attack tools are standardized and distributed on a massive scale, the number of attacks increases exponentially.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_482d29-05 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_482d29-05 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">The same malware can be used by dozens or hundreds of affiliates simultaneously to attack thousands of targets at the same time.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_272f69-6a .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#dc3545;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_272f69-6a\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_alertTriangle kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><path d=\"M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z\"\/><line x1=\"12\" y1=\"9\" x2=\"12\" y2=\"13\"\/><line x1=\"12\" y1=\"17\" x2=\"12\" y2=\"17\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong><mark true=\"true\" class=\"kt-highlight\">Difficult to trace and assign blame<\/mark><\/strong><\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_ed464b-bc .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_ed464b-bc kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">MaaS creates a barrier between the malware creator and the attacker. When an affiliate is caught, the operator can continue operating.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_be6bcc-37 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_be6bcc-37 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">When the service provider is shut down, hundreds of affiliates can switch to another service immediately.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_bbb03a-b9 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_bbb03a-b9 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">This makes prosecution and prevention extremely complicated.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_5ccbe5-ad .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#dc3545;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_5ccbe5-ad\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_alertTriangle kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><path d=\"M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z\"\/><line x1=\"12\" y1=\"9\" x2=\"12\" y2=\"13\"\/><line x1=\"12\" y1=\"17\" x2=\"12\" y2=\"17\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong><mark true=\"true\" class=\"kt-highlight\">Constant innovation<\/mark><\/strong><\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_b5e761-3d .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_b5e761-3d kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">Competition among MaaS operators forces them to constantly innovate: avoiding antivirus software, integrating AI to create <strong>polymorphic malware<\/strong> (malware that modifies its structure to avoid detection), and expands to new platforms such as mobile and IoT devices.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_1b2470-e5 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#dc3545;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_1b2470-e5\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_alertTriangle kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><path d=\"M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z\"\/><line x1=\"12\" y1=\"9\" x2=\"12\" y2=\"13\"\/><line x1=\"12\" y1=\"17\" x2=\"12\" y2=\"17\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\"><strong><mark true=\"true\" class=\"kt-highlight\">Targeting critical infrastructure<\/mark><\/strong><\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_5555ea-44 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_5555ea-44 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">According to the FBI, in 2024, critical infrastructure (hospitals, electricity, clean water, finance) was the top target of RaaS groups.<\/span><\/li>\n\n\n<style>.kt-svg-icon-list-item-5797_3c8a7a-57 .kt-svg-icon-list-text mark.kt-highlight{background-color:unset;font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}<\/style>\n<li class=\"wp-block-kadence-listitem kt-svg-icon-list-item-wrap kt-svg-icon-list-item-5797_3c8a7a-57 kt-svg-icon-list-level-1\"><span class=\"kb-svg-icon-wrap kb-svg-icon-fe_arrowRight kt-svg-icon-list-single\"><svg viewbox=\"0 0 24 24\"  fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"  aria-hidden=\"true\"><line x1=\"5\" y1=\"12\" x2=\"19\" y2=\"12\"\/><polyline points=\"12 5 19 12 12 19\"\/><\/svg><\/span><span class=\"kt-svg-icon-list-text\">Top groups like Akira, LockBit, RansomHub, FOG, and PLAY are all RaaS operations.<\/span><\/li>\n<\/ul><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">How can we protect ourselves and our organizations?<\/h2>\n\n\n\n<p>With the rise of &quot;malware service&quot; models, users need to be more vigilant:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Use strong and unique passwords for each account.<\/strong>\n<ul class=\"wp-block-list\">\n<li>Infostealer will be useless if the password is stolen in one place and cannot be used elsewhere.<\/li>\n\n\n\n<li>Use a password manager to create and store complex passwords.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Enable multi-factor authentication (MFA), prioritizing physical security keys or authentication apps.<\/strong>\n<ul class=\"wp-block-list\">\n<li>SMS OTP is no longer secure enough against AiTM attacks.<\/li>\n\n\n\n<li>If possible, use a FIDO2\/WebAuthn security key or at least an authentication app (Google Authenticator, Microsoft Authenticator).<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Be wary of strange emails and messages.<\/strong>\n<ul class=\"wp-block-list\">\n<li>Phishing remains the leading intrusion method for MaaS.<\/li>\n\n\n\n<li>Do not click on links from unknown sources.<\/li>\n\n\n\n<li>Double-check the sender&#039;s email address.<\/li>\n\n\n\n<li>If in doubt, go directly to the official website instead of clicking a link.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Update your software regularly.<\/strong>\n<ul class=\"wp-block-list\">\n<li>Many types of malware exploit vulnerabilities in outdated software.<\/li>\n\n\n\n<li>Update your operating system, browser, and applications as soon as security patches are available.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Back up important data.<\/strong>\n<ul class=\"wp-block-list\">\n<li>Regularly back up your data to an external hard drive (not connected to the network) or a cloud service.<\/li>\n\n\n\n<li>This is the most effective &quot;insurance&quot; if you are attacked by ransomware.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Implement comprehensive cybersecurity solutions.<\/strong>\n<ul class=\"wp-block-list\">\n<li>For businesses, effective protection against MaaS requires multiple layers of defense, including: Antivirus\/Anti-malware, Endpoint Detection and Response (EDR), Firewall, Intrusion Detection\/Prevention System (IDS\/IPS), SIEM, etc.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n<style>.wp-block-kadence-advancedheading.kt-adv-heading5797_5b1c6f-95, .wp-block-kadence-advancedheading.kt-adv-heading5797_5b1c6f-95[data-kb-block=\"kb-adv-heading5797_5b1c6f-95\"]{font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading5797_5b1c6f-95 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading5797_5b1c6f-95[data-kb-block=\"kb-adv-heading5797_5b1c6f-95\"] mark.kt-highlight{font-style:normal;color:#198754;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading5797_5b1c6f-95 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading5797_5b1c6f-95[data-kb-block=\"kb-adv-heading5797_5b1c6f-95\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading5797_5b1c6f-95 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading5797_5b1c6f-95\">And most importantly, humans remain the weakest link in the system. Therefore, each individual needs to be supported. <mark true=\"true\" class=\"kt-highlight\"><strong>Raising awareness about information security<\/strong> <\/mark>This allows us to detect phishing and social engineering before malware can infiltrate our systems.<\/p>","protected":false},"excerpt":{"rendered":"<p>Did you know that today, someone who doesn&#039;t know a single line of code can launch a sophisticated cyberattack targeting a multi-million dollar business? No programming skills needed. No security knowledge required. Just\u2026 money and a link to the dark web. That [\u2026]<span class=\"screen-reader-text\"> From Malware-as-a-Service (MaaS): When cybercrime becomes a professional &quot;service&quot;<\/span><\/a><\/p>","protected":false},"author":3,"featured_media":5800,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[7],"tags":[],"class_list":["post-5797","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-canh-bao-pho-bien"],"_links":{"self":[{"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/posts\/5797","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/comments?post=5797"}],"version-history":[{"count":1,"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/posts\/5797\/revisions"}],"predecessor-version":[{"id":5801,"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/posts\/5797\/revisions\/5801"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/media\/5800"}],"wp:attachment":[{"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/media?parent=5797"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/categories?post=5797"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/chongluadao.vn\/blog\/en\/wp-json\/wp\/v2\/tags?post=5797"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}