Excerpt from the book "Invasion. A Brief History of Russian Hackers"
In May of this year, at the Individuum publishing house
Daniel collected material for several years, some stories
But hacking, like any crime, is a subject closed to discussion. The real stories are passed on only by word of mouth among insiders. And the book leaves an impression of intensely intriguing incompleteness, as if a three-volume "how it really was" could be compiled about each of its heroes.
With the publisher's permission, we are publishing a short excerpt about the Lurk group, which robbed Russian banks in 2015-16.
In the summer of 2015, the Central Bank of Russia created Fincert, a center for monitoring and responding to computer incidents in the credit and financial sector. Through it, banks exchange information about computer attacks, analyze them, and receive recommendations on protection from the intelligence services. There are many such attacks: Sberbank in June 2016
In the first
Police and cybersecurity specialists had been searching for members of the group since 2011. For a long time the search was unsuccessful: by 2016, the group had stolen about three billion rubles from Russian banks, more than any other hackers.
The Lurk virus was different from those the investigators had encountered before. When the program was run in a laboratory for testing, it did nothing (that is why it was called Lurk, from the English "to lurk"). Later
To spread the virus, the group hacked websites visited by bank employees: from online media (for example, RIA Novosti and Gazeta.ru) to accounting forums. The hackers exploited a vulnerability in the system for exchanging advertising banners and distributed malware through them. On some sites, the hackers placed the link to the virus only briefly: on the forum of one accounting magazine, it appeared on weekdays at lunchtime for two hours, but even in that window Lurk found suitable victims.
By clicking on the banner, the user was taken to a page with exploits, after which information began to be collected on the attacked computer; the hackers were mainly interested in remote banking software. The details in bank payment orders were replaced with the required ones, and unauthorized transfers were sent to the accounts of companies associated with the group. According to Sergei Golovanov of Kaspersky Lab, in such cases groups usually use shell companies, "which are the same thing as transferring and cashing out": the money received is cashed there, put into bags and left at marked spots in city parks, where the hackers pick it up. Members of the group carefully concealed their activities: they encrypted all everyday correspondence and registered domains under fake users. "The attackers use triple VPN, Tor, secret chats, but the problem is that even a well-functioning mechanism fails," says Golovanov. "Either the VPN drops, or the secret chat turns out not to be so secret, or someone, instead of calling via Telegram, simply calls from a phone. That is the human factor. And when you have been accumulating a database for years, you need to look for such accidents. After that, law enforcement can contact providers to find out who visited such-and-such an IP address and at what time. And then the case is built."
The detention of the Lurk hackers
Cars were found in the hackers' garages: expensive Audi, Cadillac and Mercedes models. A watch encrusted with 272 diamonds was also found.
In particular, all of the group's technical specialists were arrested. Ruslan Stoyanov, a Kaspersky Lab employee who was involved in investigating Lurk's crimes together with the intelligence services, said that the management had found many of them on ordinary job sites for recruiting remote workers. The advertisements said nothing about the work being illegal; the salary offered at Lurk was above the market rate, and it was possible to work from home.
"Every morning, except weekends, in different parts of Russia and Ukraine, people sat down at their computers and started working," Stoyanov said. "Programmers refined the functions of the next version [of the virus], testers checked it, then the person responsible for the botnet uploaded everything to the command server, after which it was automatically updated on the bot computers."
The group's case began to be heard in court in the autumn of 2017 and continued in early 2019, because of the size of the case, which comprises about six hundred. The hacker's lawyer, who is concealing his name
The case of one of the group's hackers was split off into separate proceedings, and he received 5 years, including for hacking Yekaterinburg airport.
In recent years in Russia, the special services have managed to defeat most of the major hacker groups that violated the main rule, "Do not work on ru": Carberp (stole about one and a half billion from the accounts of Russian banks), Anunak (stole more than a billion rubles from the accounts of Russian banks), Paunch (created platforms for attacks through which about half of all infections worldwide passed) and others. The income of such groups is comparable to the earnings of arms dealers, and besides the hackers themselves they include many other people: security guards, drivers, cash-out operators, owners of websites on which new exploits appear, and so on.
source: www.habr.com