The Ministry of Digital Economy has warned of cybercrime attacks by malware designed to steal sensitive information from a wide number of industries including critical infrastructure, entertainment, finance, healthcare and telecommunications.
The Thailand Computer Emergency Response Team (ThaiCERT) reported that the malware is part of a global hacking operation uncovered by cyber security firm McAfee linked to the cyber espionage group Hidden Cobra, deputy permanent secretary Somsak Khaowsuwan said on Friday.
Hidden Cobra is a name the US government uses to describe North Korean state-sponsored hackers.
Known as Operation GhostSecret, the malware attacks had hit wide variety of industries in 17 countries, he said. About 45 servers in Thailand had been infected by the malicious software.
McAfee has also reported that a server system in Thailand had been used in this large-scale hacking operation, and was linked to the control server used in the attacks on Sony Pictures, Mr Somsak said.
Computer users were advised to follow the guidelines provided by ThaiCERT to protect their systems from attack. In case of malware infections, the systems should be disconnected from the network.
Keeping the systems up to date, downloading programmes only from trusted sites and updating security software could help reduce the risk of being infected, he said. Emails from untrusted sources should be blocked.
ThaiCERT is coordinating with agencies concerned to gain access to the infected servers and working with the cyber security firm in further analysis, according to Mr Somsak.
According to the website bankifosecurity.com the government has already seized servers in Thailand used by the hackers, "preserving the servers for review by law enforcement agencies".
McAfee had counted three command-and-control servers in Thailand for Operation GhostSecret, all residing at Thammasat University in Bangkok, the website report said.
McAfee describes Operation GhostSecret as a global data reconnaissance campaign assaulting a wide number of industries.
It leverages multiple implants, tools and malware variants already known to be associated with Hidden Cobra, similar to those used in the Destover variant that infected computer systems in March.