Chinese hackers caught bypassing two-factor authentication

Chinese hackers have been caught bypassing two-factor authentication, but this is not certain. What follows are the assumptions of the Dutch company Fox-IT, which provides cybersecurity consulting services. It is assumed, although there is no direct evidence for it, that the hacker group known as APT20 works for Chinese government agencies.


Hacker activity attributed to the APT20 group was first detected in 2011. In 2016-2017 the group dropped out of researchers' sight, and only recently did Fox-IT find traces of an APT20 intrusion in the network of one of its clients, which had asked it to investigate a cybersecurity breach.

According to Fox-IT, over the past two years the APT20 group has been breaking into and obtaining data from government agencies, large companies and service providers in the US, France, Germany, Italy, Mexico, Portugal, Spain, the UK and Brazil. APT20 hackers have also been active in sectors such as aviation, healthcare, finance, insurance and energy, and even in areas such as gambling and electronic locks.

In most cases, APT20 hackers exploited vulnerabilities in web servers and, in particular, in the JBoss enterprise application platform to get into victims' systems. After gaining access and installing shells, the attackers spread through the victims' networks to every system they could reach. The accounts they found allowed the attackers to steal data using standard tools, without installing malware. But the main problem is that the APT20 group was able to bypass two-factor authentication that uses tokens.


The researchers say they found evidence that the hackers connected to VPN accounts protected by two-factor authentication. How this happened, Fox-IT specialists can only speculate. The most likely possibility is that the hackers were able to steal an RSA SecurID software token from a compromised system. Using the stolen software, the hackers could generate one-time codes to bypass two-factor protection.

Under normal conditions this is impossible. A software token does not work without a hardware token connected to the local system. Without it, the RSA SecurID program produces an error. A software token is created for a specific system and, with access to the victim's hardware, it is possible to obtain the specific number needed to run the software token.


Fox-IT specialists claim that to launch a (stolen) software token, you do not need to have the victim's computer and hardware token. The entire initial verification takes place only when the initial vector is imported: a random 128-bit number corresponding to a specific token (the SecurID Token Seed). This number has no relation to the seed, which relates to the generation of the actual software token. If the SecurID Token Seed check can somehow be skipped (patched), then nothing will prevent the generation of valid two-factor codes in the future. Fox-IT states that bypassing the check can be achieved by changing just one instruction. After that, the victim's system is completely and legitimately open to the attacker, without the use of special tools and shells.



Source: 3dnews.ru
