Kwararru daga Kaspersky Lab sun gano jerin hare-haren masu kutse da aka kai kan kamfanonin sadarwa da hada-hadar kudi a gabashin Turai da tsakiyar Asiya. A wani bangare na wannan yakin, maharan sun yi kokarin kwace kudade da bayanan kudi daga wadanda abin ya shafa. Rahoton ya bayyana cewa masu satar bayanan sun yi kokarin cire dubunnan daloli daga asusun kamfanonin da aka kai wa harin.
A cikin kowane shari'ar da aka yi rikodin, masu satar bayanai sun yi amfani da dabara ɗaya, suna amfani da rauni a cikin hanyoyin haɗin gwiwar VPN waɗanda aka yi amfani da su a cikin kamfanonin da aka kai hari. Maharan sun yi amfani da raunin CVE-2019-11510, kayan aiki don cin gajiyar abin da ake iya samu akan Intanet. Rashin lahani yana ba da damar samun bayanai game da asusun masu gudanar da cibiyar sadarwar kamfanoni, wanda zai iya ba da dama ga bayanai masu mahimmanci.
Rahoton ya bayyana cewa kungiyoyin yanar gizo ba su yi amfani da wannan raunin ba. Masanan Kaspersky Lab sun yi imanin cewa masu yin kutse masu amfani da harshen Rashanci ne ke kai hare-hare kan kamfanonin kudi da na sadarwa. Sun cimma wannan matsaya ne bayan nazarin fasahar maharan da suke amfani da su wajen kai hare-hare.
"Duk da cewa an gano raunin a cikin bazara na 2019, kamfanoni da yawa ba su shigar da sabuntawar da suka dace ba. Idan aka yi la’akari da samuwar cin zarafi, irin waɗannan hare-hare na iya yaɗuwa. Don haka, muna ba da shawarar sosai cewa kamfanoni su shigar da sabbin nau'ikan hanyoyin magance VPN da suke amfani da su, ”in ji Sergey Golovanov, babban kwararre kan riga-kafi a Kaspersky Lab.
source: 3dnews.ru