Masu bincike sun gano wani sabon clone na sanannen Mirai botnet, wanda ke nufin na'urorin IoT. A wannan karon, na'urorin da aka haɗa da nufin amfani da su a wuraren kasuwanci suna fuskantar barazana. Babban burin maharan shine sarrafa na'urori tare da bandwidth da aiwatar da manyan hare-haren DDoS.
Bayani:
A lokacin rubuta fassarar, ban san cewa cibiyar tana da ba .
An riga an kama mawallafin Mirai na asali, amma samuwa , wanda aka buga a cikin 2016, yana ba da damar sababbin maharan don ƙirƙirar nasu botnets dangane da shi. Misali, и .
Mirai na asali ya bayyana a cikin 2016. Ya cutar da masu amfani da hanyoyin sadarwa, kyamarar IP, DVRs da sauran na'urori waɗanda galibi suna da kalmar sirri ta tsoho, da kuma na'urori masu amfani da tsoffin juzu'in Linux.
An tsara sabon bambance-bambancen Mirai don na'urorin kasuwanci
Wata ƙungiyar masu bincike ta gano wani sabon botnet daga Palo Alto Network. Ya bambanta da sauran clones saboda an tsara shi don na'urorin kasuwanci, gami da WePresent WiPG-1000 tsarin gabatarwa mara waya da LG Supersign TVs.
An yi amfani da ikon amfani da nesa don LG Supersign TVs (CVE-2018-17173) a cikin Satumbar bara. Kuma don WePresent WiPG-1000, an buga shi a cikin 2017. Gabaɗaya, bot ɗin yana sanye da abubuwan amfani guda 27, waɗanda 11 sababbi ne. Sabuwar bambance-bambancen Mirai kuma yana hari da kayan aikin da aka haɗa daban-daban kamar:
- Linksys Routers
- ZTE Router
- DLink hanyoyin sadarwa
- Na'urorin ajiyar hanyar sadarwa
- NVR da IP kyamarori
"Wadannan sababbin siffofi suna ba da botnet babban hari," in ji masu bincike na Unit 42 a cikin wani shafin yanar gizon. "Musamman, niyya ta hanyoyin sadarwa na kamfanoni yana ba shi damar yin umarni da ƙarin bandwidth, wanda a ƙarshe ya haifar da ƙara ƙarfin wuta ga botnet don aiwatar da hare-haren DDoS."
Wannan lamarin yana nuna buƙatar kamfanoni don saka idanu akan na'urorin IoT akan hanyar sadarwar su, daidaita tsaro yadda yakamata, da kuma buƙatar sabuntawa akai-akai.
.
source: www.habr.com