Pākē hacker e kāʻalo i ka hōʻoia ʻelua kumu, akā ʻaʻole maopopo kēia. Aia ma lalo iho nā manaʻo o ka hui Dutch ʻo Fox-IT, ka mea loea i nā lawelawe kūkākūkā cybersecurity. Ua manaʻo ʻia, ʻaʻohe mea hōʻike pololei, e hana ana kahi hui o nā mea hackers i kapa ʻia ʻo APT20 no nā keʻena aupuni Kina.
Ua ʻike mua ʻia ka hana hacker i ka hui APT20 ma 2011. Ma 2016-2017, ua nalowale ka hui mai ka nānā ʻana o ka poʻe loea, a ua ʻike koke ʻo Fox-IT i nā ʻāpana o ka APT20 interference i ka pūnaewele o kekahi o kāna mau mea kūʻai aku, nāna i noi e noiʻi i nā hewa cybersecurity.
Wahi a Fox-IT, i nā makahiki ʻelua i hala iho nei, ua hacking ka hui APT20 a loaʻa i ka ʻikepili mai nā keʻena aupuni, nā hui nui a me nā mea lawelawe ma US, Farani, Kelemānia, Italia, Mexico, Pokukala, Sepania, UK a me Brazil. Ua hana pū ʻo APT20 hackers i nā wahi e like me ka mokulele, mālama olakino, kālā, ʻinikua, ikehu, a me nā wahi e like me ka piliwaiwai a me nā laka uila.
ʻO ka maʻamau, ua hoʻohana nā mea hacker APT20 i nā mea palupalu i nā kikowaena pūnaewele a, ʻo ia hoʻi, i ka papa hana noiʻi Jboss e komo i nā ʻōnaehana o ka poʻe pōʻino. Ma hope o ke komo ʻana a me ka hoʻokomo ʻana i nā pūpū, ua komo ka poʻe hackers i nā pūnaewele o nā mea i hōʻeha ʻia i nā ʻōnaehana āpau. ʻO nā moʻolelo i ʻike ʻia ua ʻae ʻia nā mea hoʻouka e ʻaihue i ka ʻikepili me ka hoʻohana ʻana i nā mea hana maʻamau, me ka ʻole o ka hoʻokomo ʻana i ka malware. Akā ʻo ka pilikia nui, ʻo ka hui APT20 i ʻōlelo ʻia ua hiki ke kāpae i ka hōʻoia ʻelua kumu me ka hoʻohana ʻana i nā hōʻailona.
'Ōlelo nā mea noiʻi ua loaʻa iā lākou nā hōʻike e pili ana nā mea hackers i nā moʻokāki VPN i pale ʻia e ka hōʻoia ʻelua kumu. Pehea i hiki ai kēia, hiki i nā loea Fox-IT ke noʻonoʻo wale. ʻO ka mea hiki ke hiki ke ʻaihue i ka hōʻailona polokalamu RSA SecurID mai ka ʻōnaehana hacked. Ke hoʻohana nei i ka polokalamu ʻaihue, hiki i nā mea hackers ke hana i nā code hoʻokahi manawa e kāpae i ka pale ʻelua kumu.
Ma lalo o nā kūlana maʻamau hikiʻole ke hana i kēia. ʻAʻole hiki ke hana ʻia kahi hōʻailona polokalamu me ka ʻole o kahi hōʻailona hāmeʻa i pili i ka ʻōnaehana kūloko. Me ka ʻole o ia, hana ka polokalamu RSA SecurID i kahi hewa. Hoʻokumu ʻia kahi hōʻailona polokalamu no kahi ʻōnaehana kikoʻī a, i ka loaʻa ʻana o ka lako o ka mea i pepehi ʻia, hiki ke loaʻa i kahi helu kikoʻī e holo ai i ka hōʻailona polokalamu.
Wahi a ka poʻe loea Fox-IT i mea e hoʻomaka ai i kahi hōʻailona polokalamu (ʻaihue), ʻaʻole pono ʻoe e komo i ka kamepiula o ka mea i pepehi ʻia. Holo ka paʻakikī holoʻokoʻa o ka hōʻoia mua i ka wā e lawe mai ai i ka vector hanauna mua - kahi helu 128-bit random e pili ana i kahi hōʻailona kikoʻī (). ʻAʻole pili kēia helu i ka hua, a laila pili i ka hana o ka hōʻailona polokalamu maoli. Inā hiki ke hoʻokuʻu ʻia ka SecurID Token Seed check (patched), a laila ʻaʻohe mea e pale iā ʻoe mai ka hana ʻana i nā code no ka ʻae ʻelua kumu i ka wā e hiki mai ana. Ua ʻōlelo ʻo Fox-IT e hiki ke hoʻokō ʻia ke kaʻe ʻana i ka māka ma ka hoʻololi ʻana i hoʻokahi aʻo. Ma hope o kēia, e wehe piha ʻia ka ʻōnaehana o ka mea i pepehi ʻia i ka mea hoʻouka me ka hoʻohana ʻole ʻana i nā pono kūikawā a me nā pūpū.
Source: 3dnews.ru