Trollesh in a new guise: another wave of mass mailing of a ransomware virus

From the start of today until now, JSOC CERT specialists have been recording a massive distribution of the Troldesh encrypting virus. Its functionality is broader than that of a plain encryptor: in addition to the encryption module, it is able to take control of the workstation and download additional modules. In March of this year we already reported on the Troldesh virus; at that time the virus disguised its delivery by using IoT devices. Now, vulnerable versions of WordPress and the cgi-bin interface are being used for this.

The mailing is sent from various addresses, and the body of the message contains a link to a compromised web resource running WordPress components. The link leads to an archive containing a JavaScript script. When that script is executed, the Trollesh encryptor is downloaded and launched.

The malicious emails are not detected by most security tools because they contain a link to a legitimate web resource, but the ransomware itself is currently detected by most antivirus vendors' software. Note: since the malware communicates with C&C servers located on the Tor network, it is potentially able to download additional external payloads onto the infected machine that can "enhance" it.

Some distinguishing features of this mailing include:

(1) example subject line of the mailing: "About the order"

(2) all the links look alike: they contain /wp-content/ and /doc/, for example:
    Horsesmouth[.]org/wp-content/themes/InspiredBits/images/dummy/doc/doc/
    www.montessori-academy[.]org/wp-content/themes/campus/mythology-core/core-assets/images/social-icons/long-shadow/doc/
    chestnutplacejp[.]com/wp-content/ai1wm-backups/doc/

(3) the malware contacts several control servers on the Tor network

(4) a file is created at C:\ProgramData\Windows\csrss.exe and registered for autostart under the SOFTWARE\Microsoft\Windows\CurrentVersion\Run key (value name: Client Server Runtime Subsystem).
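The following triage helper is an added example, not part of the original advisory or of JSOC CERT's tooling: it checks candidate links for the /wp-content/ ... /doc/ path shape described in sign (2) and evaluates Run-key entries for the persistence indicator in sign (4). It goes one step beyond the page by also treating any csrss.exe outside %SystemRoot%\System32 as suspicious, since the legitimate binary lives only there. All sample links and registry entries are constructed; the three defanged links are the ones quoted above.

```python
"""Triage helpers for the indicators in this advisory (added example)."""
from urllib.parse import urlparse

# Constructed sample data: the three defanged links from the advisory plus two
# benign links that must not match.
SAMPLE_LINKS = [
    "Horsesmouth[.]org/wp-content/themes/InspiredBits/images/dummy/doc/doc/",
    "www.montessori-academy[.]org/wp-content/themes/campus/mythology-core/core-assets/images/social-icons/long-shadow/doc/",
    "chestnutplacejp[.]com/wp-content/ai1wm-backups/doc/",
    "https://example.com/wp-content/uploads/2019/report.pdf",
    "https://example.org/doc/manual.html",
]

def refang(link: str) -> str:
    """Turn the advisory's defanged '[.]' notation back into '.' for parsing."""
    return link.replace("[.]", ".")

def matches_mailing_pattern(link: str) -> bool:
    """True when the URL path has a /wp-content/ segment and ends in a /doc/ segment."""
    url = refang(link)
    if "://" not in url:            # bare host/path links in the advisory
        url = "http://" + url
    segments = [s for s in urlparse(url).path.split("/") if s]
    return bool(segments) and "wp-content" in segments and segments[-1] == "doc"

def flag_links(links):
    return [link for link in links if matches_mailing_pattern(link)]

# Persistence indicator from sign (4).
RUN_VALUE_NAME = "Client Server Runtime Subsystem"
DROPPED_PATH = r"C:\ProgramData\Windows\csrss.exe"

def suspicious_run_entry(name: str, command: str) -> bool:
    """Evaluate one (value name, command) pair taken from a Run key listing."""
    exe = command.strip().strip('"').lower()
    if name.strip().lower() == RUN_VALUE_NAME.lower() or exe == DROPPED_PATH.lower():
        return True
    # Assumption beyond the page: real csrss.exe only lives under System32.
    return exe.endswith("\\csrss.exe") and "\\system32\\" not in exe

# Constructed sample Run key listing: (value name, command).
SAMPLE_RUN_ENTRIES = [
    ("Client Server Runtime Subsystem", r"C:\ProgramData\Windows\csrss.exe"),
    ("OneDrive", r'"C:\Users\u\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
]

def flag_run_entries(entries):
    return [name for name, cmd in entries if suspicious_run_entry(name, cmd)]
```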

We recommend making sure that your antivirus databases are up to date, considering informing employees about this threat, and, where possible, tightening control over incoming mail that shows the signs listed above.

Source: www.hab.com