The Lurk virus broke into banks while it was being written by hired remote workers

From the book "Invasion. A Brief History of Russian Hackers"

In May of this year, the publishing house Individuum released journalist Daniil Turovsky's book "Invasion. A Brief History of Russian Hackers." It contains stories from the dark side of the Russian IT industry: about young men who, having fallen in love with computers, learned not just to program but to rob people. The book develops the way the phenomenon itself did, from teenage hooliganism and forum get-togethers to law-enforcement operations and international scandals.

Daniil gathered material over several years, and some of the stories were published on Meduza. For retelling Daniil's articles, Andrew Kramer of The New York Times received a Pulitzer Prize in 2017.

But hacking, like any crime, is a very closed subject. Real stories are passed on only by word of mouth between people. And the book leaves an impression of maddening incompleteness, as if each of its heroes could fill a three-volume book on "how it really was."

With the publisher's permission, we are publishing a short excerpt about the Lurk group, which robbed Russian banks in 2015-16.

In the summer of 2015, the Russian Central Bank created Fincert, a center for monitoring and responding to computer incidents in the credit and financial sector. Through it, banks exchange information about computer attacks, analyze them and receive protection recommendations from law enforcement agencies. There are many such attacks: in June 2016, Sberbank estimated the Russian economy's losses from cybercrime at 600 billion rubles, and at the same time the bank acquired a subsidiary, Bizon, which handles the enterprise's information security.

The first report on the results of Fincert's work (from October 2015 to March 2016) describes 21 targeted attacks on bank infrastructure; as a result of these incidents, 12 criminal cases were opened. Most of these attacks were the work of a single group, which was named Lurk after the virus of the same name developed by the hackers: with its help, money was stolen from commercial enterprises and banks.

Police and cybersecurity specialists had been looking for the group's members since 2011. For a long time the search was unsuccessful: by 2016, the group had stolen about three billion rubles from Russian banks, more than any other hackers.

The Lurk virus was unlike anything investigators had encountered before. When the program was run in a laboratory for testing, it did nothing (which is why it was named Lurk, from the English "to lurk"). It later turned out that Lurk was designed as a modular system: the program gradually loads additional blocks with various functions, from intercepting characters typed on the keyboard, logins and passwords, to the ability to record a video stream from the screen of the infected computer.

To spread the virus, the group hacked websites visited by bank employees: from online media (for example, RIA Novosti and Gazeta.ru) to accounting forums. The hackers exploited a vulnerability in the system for exchanging advertising banners and distributed malware through them. On some sites, the hackers posted the link to the virus only briefly: on the forum of one accounting magazine, it appeared on weekdays at lunchtime for two hours, but even in that time Lurk found several suitable victims.

By clicking on the banner, the user was taken to a page with exploits, after which information began to be collected on the attacked computer; the hackers were mainly interested in remote banking software. The details in bank payment orders were replaced with the required ones, and unauthorized transfers were sent to the accounts of companies associated with the group. According to Sergei Golovanov of Kaspersky Lab, groups usually use shell companies in such cases, "which is the same as transferring and cashing out": the money received is cashed out there, put into bags and left at drop spots in city parks, where the hackers pick it up. The group's members diligently concealed their actions: they encrypted all day-to-day correspondence and registered domains under fake users. "Attackers use triple VPN, Tor, secret chats, but the problem is that even a well-oiled mechanism fails," Golovanov explains. "Either the VPN drops, or the secret chat turns out not to be so secret, or someone, instead of calling through Telegram, simply calls from a phone. That is the human factor. And when you have been collecting data for years, you need to look for such slip-ups. After that, law enforcement can contact providers to find out who visited such-and-such addresses and at what time. And then the case is built."

The arrest of the Lurk hackers looked like an action movie. Employees of the Ministry of Emergency Situations cut the locks on the country houses and apartments of the hackers in different parts of Yekaterinburg, after which FSB officers burst in shouting, grabbed the hackers and threw them to the floor, and searched the premises. After that, the suspects were put on a bus, taken to the airport, led along the runway and put on a cargo plane, which took off for Moscow.

Cars were found in garages belonging to the hackers: expensive Audi, Cadillac and Mercedes models. A watch set with 272 diamonds was also found. Jewelry worth 12 million rubles and weapons were seized. In total, police carried out about 80 searches in 15 regions and detained about 50 people.

In particular, all of the group's technical specialists were arrested. Ruslan Stoyanov, a Kaspersky Lab employee who took part in investigating Lurk's crimes together with the security services, said that the managers found many of them on ordinary sites for recruiting remote workers. The ads said nothing about the work being illegal, Lurk offered pay above the market rate, and it was possible to work from home.

"Every morning, except Saturdays and Sundays, in different parts of Russia and Ukraine, people sat down at their computers and started working," Stoyanov said. "Programmers refined the functions of the next version [of the virus], testers checked it, then the person responsible for the botnet uploaded everything to the command server, after which automatic updates took place on the bot computers."

The court's consideration of the group's case began in the autumn of 2017 and continued at the beginning of 2019, owing to the size of the case, which runs to about six hundred volumes. A lawyer for the hackers, who withheld his name, stated that none of the suspects would make a deal with the investigation, but some admitted part of the charges. "Our clients did work on developing various parts of the Lurk virus, but many simply did not know that it was a Trojan," he explained. "Someone wrote part of the algorithms that could just as well have worked in search engines."

The case of one of the group's hackers was split off into separate proceedings, and he received 5 years, including for hacking the network of Yekaterinburg airport.

In recent years in Russia, the special services have managed to defeat many hacker groups that broke the main rule, "Don't work on ru": Carberp (stole about one and a half billion rubles from Russian banks), Anunak (stole more than a billion rubles from the accounts of Russian banks), Paunch (created attack platforms through which up to half of all infections worldwide passed) and so on. The income of such groups is comparable to the earnings of arms dealers, and besides the hackers themselves they include many other people: security guards, drivers, people who cash out the money, owners of sites where new tools appear, and so on.

Source: www.habr.com