The Lurk virus hacked banks while ordinary remote workers wrote it for hire

An excerpt from the book "Invasion. A Brief History of Russian Hackers"

In May of this year, the publishing house Individuum released journalist Daniil Turovsky's book "Invasion. A Brief History of Russian Hackers." It contains stories from the dark side of the Russian IT industry: about people who fell in love with computers and learned not only to program, but to rob people. The book develops like the phenomenon itself, from teenage hooliganism and forum get-togethers to law enforcement operations and international scandals.

Daniil collected material for several years, and some of the stories were published on Meduza. For retelling Daniil's reporting, Andrew Kramer of The New York Times received a Pulitzer Prize in 2017.

But hacking, like any crime, is a closed subject. The real stories are passed on only by word of mouth. And the book leaves an impression of intensely intriguing incompleteness, as if each of its protagonists could fill a three-volume book on "how it really was."

With the publisher's permission, we are publishing a short excerpt about the Lurk group, which robbed Russian banks in 2015-16.

In the summer of 2015, the Central Bank of Russia created Fincert, a center for monitoring and responding to computer incidents in the credit and financial sector. Through it, banks exchange information about computer attacks, analyze them and receive recommendations on protection from the intelligence services. There are many such attacks: in June 2016 Sberbank estimated the losses of the Russian economy from cybercrime at 600 billion rubles. At the same time the bank acquired a subsidiary, Bizon, which handles the enterprise's information security.

The first report on the results of Fincert's work (from October 2015 to March 2016) describes 21 targeted attacks on bank infrastructure; as a result of these incidents, 12 criminal cases were opened. Most of these attacks were the work of one group, which was named Lurk after the virus of the same name that the hackers had developed: with its help, money was stolen from commercial companies and banks.

Police and cybersecurity specialists had been looking for members of the group since 2011. For a long time the search was unsuccessful: by 2016, the group had stolen about three billion rubles from Russian banks, more than any other hackers.

The Lurk virus was different from those the investigators had encountered before. When the program was run in a laboratory for testing, it did nothing (which is why it was called Lurk, from the English "to lurk"). Later it turned out that Lurk was designed as a modular system: the program gradually loads additional blocks with different functions, from stealing characters typed on the keyboard, logins and passwords to the ability to record a video stream from the screen of the infected computer.

To spread the virus, the group hacked websites visited by bank employees: from online media (for example, RIA Novosti and Gazeta.ru) to accounting forums. The hackers exploited a vulnerability in the system for exchanging advertising banners and distributed the malware through them. On some sites, the hackers posted the link to the virus only briefly: on the forum of one of the accounting magazines, it appeared on weekdays at lunchtime for two hours, but even in that time Lurk found suitable victims.

By clicking on the banner, the user was taken to a page with exploits, after which information began to be collected on the attacked computer. The hackers were mainly interested in the remote banking program. The details in bank payment orders were replaced with the ones the group needed, and unauthorized transfers were sent to the accounts of companies associated with the group. According to Sergei Golovanov of Kaspersky Lab, in such cases groups usually use shell companies, "which are the same thing as transferring and cashing out": the money received is cashed out there, put into bags and left as stashes in city parks, where the hackers pick it up.

Members of the group carefully concealed their activities: they encrypted all day-to-day correspondence and registered domains to fake users. "Attackers use a triple VPN, Tor, secret chats, but the problem is that even a well-functioning mechanism fails," explains Golovanov. "Either the VPN drops, then the secret chat turns out to be not so secret, then someone, instead of calling via Telegram, simply calls from the phone. This is the human factor. And when you have been accumulating a database for years, you need to look for such accidents. After that, law enforcement can contact providers to find out who visited such-and-such an IP address and at what time. And then the case is built."

The arrest of the Lurk hackers looked like an action movie. Employees of the Ministry of Emergency Situations cut the locks on the houses and apartments of the hackers in different parts of Yekaterinburg, after which FSB officers burst in shouting, seized the hackers and threw them to the floor, and searched the premises. The suspects were then put on a bus, taken to the airport, led along the runway and loaded onto a cargo plane, which took off for Moscow.

Cars were found in the hackers' garages: expensive Audi, Cadillac and Mercedes models. A watch encrusted with 272 diamonds was also found. Jewelry worth 12 million rubles and weapons were seized. In total, police conducted about 80 searches in 15 regions and detained about 50 people.

In particular, all of the group's technical specialists were arrested. Ruslan Stoyanov, a Kaspersky Lab employee who took part in investigating Lurk's crimes together with the intelligence services, said that the group's management found many of them on ordinary recruitment sites for remote work. The ads said nothing about the work being illegal, the salary offered at Lurk was above the market rate, and it was possible to work from home.

"Every morning, except weekends, in different parts of Russia and Ukraine, people sat down at their computers and started working," Stoyanov said. "Programmers adjusted the functions of the next version [of the virus], testers checked it, then the person responsible for the botnet uploaded everything to the command server, after which it was automatically updated on the bot computers."

The court began hearing the group's case in the fall of 2017 and the hearings continued in early 2019, because of the size of the case, which comprises about six hundred volumes. The hackers' lawyer, who conceals his name, stated that none of the suspects would make a deal with the investigation, but some admitted part of the charges. "Our clients did work on developing various parts of the Lurk virus, but many simply did not know that it was a Trojan," he explained. "Someone wrote part of the algorithms that could work successfully in search engines."

The case of one of the group's hackers was split off into separate proceedings, and he received 5 years, including for hacking Yekaterinburg airport.

In recent years in Russia, the special services have managed to defeat most of the large hacker groups that violated the main rule, "Don't work on ru": Carberp (stole about one and a half billion rubles from the accounts of Russian banks), Anunak (stole more than a billion rubles from the accounts of Russian banks), Paunch (created platforms for attacks through which almost half of all infections worldwide passed) and others. The income of such groups is comparable to what arms dealers earn, and besides the hackers themselves they include many other people: security guards, drivers, cash-out operators, owners of the websites where new exploits appear, and so on.

source: www.habr.com