Musoro wekoronavirus nhasi wazadza ese mafeed enhau, uye zvakare yave iyo huru leitmotif yeakasiyana zviitiko zvevanorwisa vachishandisa musoro weCCIDID-19 uye zvese zvine chekuita nazvo. Muchinyorwa ichi, ndinoda kutarisisa kune mimwe mienzaniso yezviitwa zvakashata zvakadaro, izvo, zvechokwadi, hazvisi chakavanzika kune vazhinji vezvekuchengetedza ruzivo nyanzvi, asi pfupiso iyo mune imwe chinyorwa ichaita kuti zvive nyore kugadzirira iwe pachako kuziva. -kusimudza zviitiko zvevashandi, vamwe vavo vanoshanda kure uye vamwe vanotapukirwa nekutyisidzira kwakasiyana-siyana kwekuchengetedza ruzivo kupfuura kare.
Nguva yekutarisira kubva kuUFO
Nyika yakazivisa zviri pamutemo denda reCCIDID-19, hutachiona hunotyisa hwekufema hunokonzerwa neSARS-CoV-2 coronavirus (2019-nCoV). Pane ruzivo rwakawanda paHabrΓ© pane iyi nyaya - gara uchiyeuka kuti inogona kuve yakavimbika / inobatsira uye neimwe nzira.
Tinokukurudzira kuti utsoropodze chero ruzivo rwakaburitswa.
Zvinyorwa zvepamutemo
- Mawebhusaiti uye mapoka epamutemo emahofisi makuru anoshanda mumatunhu
Kana iwe usingagari muRussia, ndapota tarisa kune akafanana saiti munyika yako.
Geza maoko ako, chengeta vadikani vako, gara pamba kana zvichiita uye shanda kure.Verenga zvinyorwa nezve: |
Zvinofanira kucherechedzwa kuti hapana kutyisidzira kutsva kwakabatana nekoronavirus nhasi. Asi, isu tiri kutaura nezve kurwisa mavector ayo atove echinyakare, anongoshandiswa mu "sosi" nyowani. Saka, ini ndaizodaidza akakosha marudzi ekutyisidzira:
- phishing saiti uye tsamba dzenhau dzine hukama nekoronavirus uye ine hukama hutsinye kodhi
- Hutsotsi uye disinformation yakanangana nekushandisa kutya kana ruzivo rusina kukwana nezveCOVID-19
- kurwiswa nemasangano anobatanidzwa mukutsvagisa coronavirus
MuRussia, uko vagari vetsika havavimbi nezviremera uye vachitenda kuti vari kuvanza chokwadi kubva kwavari, mukana wekubudirira "kusimudzira" nzvimbo dzekubira uye zvinyorwa zvekutumira, pamwe nezviwanikwa zvekubiridzira, wakakwira zvakanyanya kupfuura munyika dzakavhurika zvakanyanya. zviremera. Kunyangwe nhasi pasina munhu anogona kuzviona akadzivirirwa zvachose kubva kune vanogadzira cyber frauds vanoshandisa ese ekare kushaya simba kwemunhu - kutya, tsitsi, makaro, nezvimwe.
Tora, semuenzaniso, saiti yehutsotsi inotengesa masiki ekurapwa.
Imwe saiti yakafanana, CoronavirusMedicalkit[.]com, yakavharwa nevakuru veUS pakugovera mushonga usipo weCCIDID-19 mahara uine "chete" yekutumira mushonga. Muchiitiko ichi, nemutengo wakaderera wakadaro, kuverenga kwaive kwekukurumidza kudiwa kwemushonga mumamiriro ekutya muUnited States.
Iyi haisi yemhando yepamusoro cyber kutyisidzira, sezvo basa revanorwisa mune iyi kesi harisi rekutapurira vashandisi kana kuba dhata ravo kana ruzivo rwechitupa, asi nekungotya kutya kuvamanikidza kuti vatore masiki ekurapa nemitengo yakakwira. ne5-10-30 nguva inodarika mutengo chaiwo. Asi iro zano chairo rekugadzira webhusaiti yekunyepedzera kushandisa iyo coronavirus theme iri kushandiswawo nemacybercriminals. Semuenzaniso, heino saiti ine zita rine kiyi yezwi rekuti "covid19", asi iri zvakare saiti yekubira.
Kazhinji, kutarisa zuva nezuva basa redu rekuferefeta chiitiko , unoona kuti mangani madomasi ari kugadzirwa ane mazita ane mazwi anoti covid, covid19, coronavirus, nezvimwe. Uye vazhinji vavo vane hutsinye.
Munzvimbo umo vamwe vashandi vekambani vanoendeswa kunoshanda kubva kumba uye vasina kuchengetedzwa nematanho ekuchengetedza emakambani, zvakakosha kupfuura nakare kose kutarisa zviwanikwa zvinowanikwa kubva kuvashandi venharembozha uye desktop zvishandiso, vachiziva kana vasina. ruzivo. Kana usiri kushandisa sevhisi kuona uye kuvharisa madomasi akadaro (uye Cisco yekubatanidza kune iyi sevhisi yave yemahara), wobva wagadzirisa yako Webhu yekutarisa mhinduro dzekutarisa madomain ane akakodzera mazwi. Panguva imwecheteyo, yeuka kuti maitiro echinyakare ekudaira mazita, pamwe nekushandisa mukurumbira dhatabhesi, anogona kutadza, sezvo nzvimbo dzine hutsinye dzakagadzirwa nekukurumidza uye dzinoshandiswa mukurwiswa kwe1-2 chete kwemaawa mashoma - ipapo iyo vanorwisa vanochinja kune itsva ephemeral domains. Makambani ekuchengetedza ruzivo haana nguva yekukasira kugadzirisa mabhesi eruzivo uye kugovera kune vese vatengi vavo.
Varwi vanoramba vachibiridzira email chiteshi kugovera phishing link uye malware mune zvakabatanidzwa. Uye kushanda kwavo kwakakwira zvakanyanya, sezvo vashandisi, vachiri kugamuchira zviri pamutemo nhau dzetsamba nezve coronavirus, havagone kugara vachiziva chimwe chinhu chakaipa muhuwandu hwavo. Uye nepo huwandu hwevanhu vane hutachiona huri kuramba huchikura, huwandu hwekutyisidzira kwakadaro huchakurawo.
Semuyenzaniso, izvi ndizvo zvakaita muenzaniso weiyo phishing email inomiririra CDC inotaridzika se:
Kutevera chinongedzo, hongu, hakutungamiri kune webhusaiti yeCDC, asi kune peji rekunyepedzera rinoba rekupinda nepassword yemunhu akabatwa:
Heino muenzaniso weiyo phishing email inonzi yakamiririra World Health Organisation:
Uye mumuenzaniso uyu, vanorwisa vari kuverenga pamusoro pekuti vanhu vazhinji vanotenda kuti zviremera zviri kuvanza chiyero chechokwadi chehutachiona kubva kwavari, uye nekudaro vashandisi nemufaro uye pasina kuzeza tinya pane aya marudzi emabhii ane hutsinye zvinongedzo kana zvakabatanidzwa izvo. Zvinofungidzirwa kuti achazivisa zvakavanzika zvese.
Nenzira, kune saiti yakadaro , iyo inokubvumira kuti utarise zviratidzo zvakasiyana-siyana, semuenzaniso, kufa, nhamba yevanoputa, huwandu hwevanhu munyika dzakasiyana, nezvimwe. Iyo webhusaiti zvakare ine peji yakatsaurirwa kune coronavirus. Uye saka pandakaenda kwairi munaKurume 16, ndakaona peji iro kwechinguva rakaita kuti ndisave nechokwadi kuti zviremera zvaitiudza chokwadi (handizive kuti chikonzero chenhamba idzi chii, pamwe kukanganisa):
Imwe yezvivakwa zvakakurumbira zvinoshandiswa nevanorwisa kutumira maemail akafanana Emotet, imwe yenjodzi uye yakakurumbira kutyisidzira munguva pfupi yapfuura. Zvinyorwa zveshoko zvakanamirwa kumameseji eemail zvine maEmotet downloaders, ayo anoisa mamodule matsva akaipa pakombuta yemunhu anenge abatwa. Emotet yakatanga kushandiswa kusimudzira zvinongedzo kunzvimbo dzechitsotsi dzinotengesa masiki ekurapa, yakanangana nevagari vekuJapan. Pazasi iwe unoona mhedzisiro yekuongorora faira rakashata uchishandisa sandboxing , iyo inoongorora mafaera kune zvakaipa.
Asi vanorwisa havashandise kwete kugona kuvhura muMS Word chete, asiwo mune mamwe maapplication eMicrosoft, semuenzaniso, muMS Excel (ndiwo maitiro eAPT36 hacker boka), vachitumira kurudziro yekurwisa coronavirus kubva kuHurumende yeIndia ine Crimson. RAT:
Imwe mushandirapamwe wakashata unoshandisa iyo coronavirus theme ndeye Nanocore RAT, iyo inokutendera iwe kuti uise zvirongwa pamakomputa akabatwa kuti asvike kure, kubata keyboard sitiroko, kutora mifananidzo yekrini, kuwana mafaera, nezvimwe.
Uye Nanocore RAT inowanzoendeswa ne-e-mail. Semuenzaniso, pazasi iwe unoona muenzaniso meseji meseji ine yakasungirirwa ZIP archive ine ino itwa yePIF faira. Nekudzvanya pafaira rinogoneka, munhu anenge abatwa anoisa chirongwa chekusvika kure (Remote Access Tool, RAT) pakombuta yake.
Heano mumwe muenzaniso wemushandirapamwe parasitic pane musoro weCOVID-19. Mushandisi anogashira tsamba nezvekuti kunonoka kutumirwa nekuda kwekoronavirus ine invoice yakanamirwa pamwe nekuwedzera .pdf.ace. Mukati meiyo compressed archive mune zvinogoneka zvemukati zvinomisikidza chinongedzo kune yekuraira uye control server kugamuchira yakawedzera mirairo uye kuita zvimwe zvinangwa zveanorwisa.
Parallax RAT ine kushanda kwakafanana, iyo inogovera faira inonzi "nyowani ine hutachiona CORONAVIRUS sky 03.02.2020/XNUMX/XNUMX.pif" uye iyo inoisa chirongwa chakaipa chinopindirana nemirairo yayo sevha kuburikidza neDNS protocol. EDR kirasi yekudzivirira maturusi, muenzaniso wayo uri , uye kana NGFW ichabatsira kutarisa kutaurirana nemaseva ekuraira (semuenzaniso, ), kana DNS yekutarisa maturusi (semuenzaniso, ).
Mumuenzaniso uri pazasi, kure kure yekuwana malware yakaiswa pakombuta yemunhu akabatwa uyo, nekuda kwechimwe chikonzero chisingazivikanwe, akatenga mukushambadzira kuti chirongwa chenguva dzose antivirus chakaiswa paPC chinogona kudzivirira kubva kuCOVID-19 chaiyo. Uye shure kwezvose, mumwe munhu akawira nokuda kwejoke rakadaro.
Asi pakati pemarware pane zvakare zvimwe zvinhu zvinoshamisa. Semuenzaniso, majee mafaira anotevedzera basa re ransomware. Mune imwe nyaya, yedu Cisco Talos chikamu faira rakanzi CoronaVirus.exe, iro rakavhara chidzitiro panguva yekuurayiwa ndokutanga timer uye meseji "kubvisa mafaera ese nemaforodha pakombuta iyi - coronavirus."
Pakapedza kuverenga pasi, bhatani riri pazasi rakatanga kushanda uye paradzvanywa, meseji inotevera yakaratidzwa, ichiti uku kwaive kuseka uye kuti unofanira kudzvanya Alt+F12 kupedzisa chirongwa.
Kurwisa mameseji ane hutsinye kunogona kuve otomatiki, semuenzaniso, kushandisa , iyo inokubvumira kuti uone kwete chete zvakashata zvirimo mune zvakabatanidzwa, asi zvakare tevera phishing link uye kudzvanya pazviri. Asi kunyangwe mune iyi kesi, haufanirwe kukanganwa nezve kudzidzisa vashandisi uye kugara uchiitisa phishing simulations uye cyber maekisesaizi, ayo anogadzirira vashandisi kune akasiyana matipi evanorwisa anonangana nevashandisi vako. Kunyanya kana vakashanda kure uye kuburikidza neemail yavo yega, hutsinye kodhi inogona kupinda mukati mekambani kana yedhipatimendi network. Pano ndinogona kukurudzira mhinduro itsva , iyo inobvumira kwete chete kuita micro- uye nano-kudzidziswa kwevashandi panyaya dzekuchengetedza ruzivo, asiwo kuronga phishing simulations kwavari.
Asi kana nekuda kwechimwe chikonzero iwe usati wagadzirira kushandisa zvigadziriso zvakadaro, saka zvakakosha kuronga mameseji enguva dzose kune vashandi vako nechiyeuchidzo chengozi ye phishing, mienzaniso yayo uye runyorwa rwemitemo yemaitiro akachengeteka (chinhu chikuru ndechekuti vanorwisa havazvivanze saivo ). Nenzira, imwe yenjodzi inogona kuitika parizvino ndeye phishing mailings kuita setsamba kubva kune yako manejimendi, iyo inonzi inotaura nezvemitemo mitsva uye maitiro ebasa kure, inosungirwa software inofanirwa kuiswa pamakomputa ari kure, nezvimwe. Uye usakanganwa kuti kuwedzera kune email, ma cybercriminals anogona kushandisa pakarepo vatumwa uye masocial network.
Murudzi urwu rwekutumira kana chirongwa chekusimudzira ruzivo, unogona kusanganisira iyo yatove yemhando yemepu yekunyepedzera yechirwere checonavirus, yaive yakafanana neiyo. Johns Hopkins University. Musiyano yaive yekuti kana uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge waiswa pakombiyuta yemushandisi, iyo yakaba ruzivo rweakaundi yevashandisi ndokuitumira kune cybercriminals. Imwe vhezheni yechirongwa chakadaro yakagadzirawo RDP yekubatanidza yekuwana kure kune komputa yemunhu akabatwa.
Nenzira, nezveRDP. Iyi imwe vheji yekurwisa iyo vanorwisa vari kutanga kushandisa zvakanyanya panguva yedenda re coronavirus. Makambani mazhinji, kana achichinjira kumabasa ari kure, anoshandisa masevhisi akadai seRDP, ayo, kana akagadziridzwa zvisizvo nekuda kwekukasira, anogona kutungamira kune vanorwisa vachipinda vese vari kure mushandisi makomputa uye mukati memakambani ehupfumi. Uyezve, kunyangwe nekurongeka kwakaringana, kuita kwakasiyana kweRDP kunogona kuve nekusagadzikana kunogona kushandiswa nevanorwisa. Somuenzaniso, Cisco Talos kusazvibata kwakawanda muFreeRDP, uye muna Chivabvu gore rapfuura, njodzi yakaoma CVE-2019-0708 yakawanikwa muMicrosoft Remote Desktop sevhisi, iyo yakabvumira kupokana kodhi kuti iitwe pakombuta yemunhu akabatwa, malware kuunzwa, nezvimwe. Katsamba kake nezvake kakatoparadzirwa , uye, semuenzaniso, Cisco Talos kurudziro yekudzivirirwa kwairi.
Pane mumwe muenzaniso wekushandiswa kweiyo coronavirus theme - kutyisidzira chaiko kwehutachiona hwemhuri yemunhu akabatwa kana vakaramba kubhadhara rudzikinuro muma bitcoins. Kuwedzera mhedzisiro, kupa kukosha kwetsamba uye kugadzira pfungwa yesimba rese reanobira, password yemunhu akabatwa kubva kune imwe yeakaundi yake, yakawanikwa kubva kuruzhinji dhatabhesi yelogins nemapassword, yakaiswa muzvinyorwa zvetsamba.
Mune mumwe wemienzaniso iri pamusoro, ndakaratidza meseji yekubira kubva kuWorld Health Organisation. Uye heino mumwe muenzaniso umo vashandisi vanokumbirwa rubatsiro rwemari kurwisa COVID-19 (kunyangwe mumusoro uri mumutumbi wetsamba, izwi rekuti "DONATION" rinobva raonekwa). Uye vanokumbira rubatsiro mumabitcoins ekudzivirira kubva cryptocurrency tracking.
Uye nhasi kune mienzaniso yakawanda yakadaro inoshandisa tsitsi dzevashandisi:
Bitcoins ine hukama neCOVID-19 neimwe nzira. Semuenzaniso, izvi ndizvo izvo mameseji anogamuchirwa nevagari veBritish vazhinji vakagara pamba uye vasingakwanisi kuwana mari vakaita senge (muRussia zvino zvichave zvakakosha).
Achiita seanozivikanwa mapepanhau nenzvimbo dzenhau, mameseji aya anopa mari iri nyore nekuchera cryptocurrencies panzvimbo dzakakosha. Muchokwadi, mushure menguva yakati, unogamuchira meseji yekuti mari yawakawana inogona kubviswa kune yakakosha account, asi iwe unofanirwa kuendesa mutero mudiki zvisati zvaitika. Zviri pachena kuti mushure mekugamuchira mari iyi, vanyengeri havatumire chero chinhu mukudzoka, uye mushandisi anonyengera anorasikirwa nemari yakatamiswa.
Pane kumwe kutyisidzira kwakabatana neWorld Health Organisation. MaHackers akabira maDNS marongero eD-Link uye Linksys routers, anowanzo shandiswa nevashandisi vekumba nemabhizinesi madiki, kuitira kuti vaendese kune webhusaiti yenhema ine yambiro yepop-up nezve kudiwa kwekuisa iyo WHO app, inovachengeta. kusvika parizvino nenhau dzichangoburwa nezve coronavirus. Zvakare, iyo application pachayo yaive neiyo yakaipa chirongwa Oski, iyo inoba ruzivo.
Pfungwa yakafanana neyekushandisa ine mamiriro azvino ehutachiona hweCCIDID-19 inoshandiswa neiyo Android Trojan CovidLock, iyo inogoverwa kuburikidza nechikumbiro chinonzi "chakasimbiswa" neUS Department of Education, WHO uye Center for Epidemic Control ( CDC).
Vazhinji vashandisi nhasi vari kuzviparadzanisa nevamwe uye, vasingade kana kusakwanisa kubika, vanoshingairira kushandisa masevhisi ekutumira chikafu, girosari kana zvimwe zvinhu, senge bepa rechimbuzi. Vanorwisa vakagonawo iyi vector nekuda kwezvinangwa zvavo. Semuenzaniso, izvi ndizvo zvinoita webhusaiti ine hutsinye, yakafanana neyepamutemo sosi yeCanada Post. Iyo link kubva kuSMS yakagamuchirwa nemunhu akabatwa inotungamira kune webhusaiti iyo inoshuma kuti chigadzirwa chakarairwa hachigone kuendeswa nekuti chete $3 yakashaikwa, iyo inofanirwa kubhadharwa yakawedzerwa. Muchiitiko ichi, mushandisi anotungamirirwa kune peji apo anofanira kuratidza tsanangudzo yekadhi rake rechikwereti ... nemigumisiro yese inotevera.
Mukupedzisa, ndinoda kupa mimwe mienzaniso miviri yekutyisidzira kwecyber zvine chekuita neCOVID-19. Semuenzaniso, mapulagi "COVID-19 Coronavirus - Rarama Mepu WordPress Plugin", "Coronavirus Spread Prediction Graphs" kana "Covid-19" akavakirwa mumasaiti achishandisa yakakurumbira WordPress injini uye, pamwe nekuratidza mepu yekupararira kweiyo. coronavirus, zvakare ine WP-VCD malware. Uye iyo kambani Zoom, iyo, mushure mekukura kwenhamba yezviitiko zvepamhepo, yakave yakakurumbira, yakatarisana neyakanzi nenyanzvi "Zoombombing." Ivo vanorova, asi chokwadi vakajairwa porn trolls, akabatana ne online chats nemisangano yepamhepo uye airatidza akasiyana mavhidhiyo anonyadzisa. Nenzira, kutyisidzira kwakafanana kunowanikwa nhasi nemakambani eRussia.
Ini ndinofunga vazhinji vedu tinogara tichitarisa zviwanikwa zvakasiyana, zvese zviri pamutemo uye kwete zviri pamutemo, nezve mamiriro azvino denda. Varwi vari kushandisa nyaya iyi, vachitipa ruzivo "rwezvino" nezve coronavirus, kusanganisira ruzivo "rwekuti zviremera zvakakuvanzira iwe." Asi kunyange vashandisiwo zvavo munguva pfupi yapfuura vakabatsira varwisi nekutumira macode echokwadi chakasimbiswa kubva kuβvanozivanaβ uye βshamwari.β Nyanzvi dzepfungwa dzinoti kuita kwakadai kwevashandisi ve "alarmist" vanotumira zvese zvinouya mumunda wavo wekuona (kunyanya mumasocial network uye vatumwa vepakarepo, vasina nzira dzekudzivirira pakutyisidzira kwakadaro), vanovabvumira kuti vanzwe vachibatanidzwa mukurwisa. kutyisidzira kwepasirese uye, kutonzwa kunge magamba ari kuponesa nyika kubva kukoronavirus. Asi, zvinosuruvarisa, kushaikwa kweruzivo rwakakosha kunotungamira kune chokwadi chekuti izvi zvinangwa zvakanaka "zvinotungamira munhu wese kugehena," zvichigadzira kutyisidzira kutsva kwecybersecurity uye kuwedzera huwandu hwevakabatwa.
Muchokwadi, ini ndaigona kuenderera nemienzaniso yekutyisidzira kwecyber zvine chekuita nekoronavirus; Uyezve, matsotsi epamhepo haamire uye anouya nenzira nyowani dzekushandisa zvishuwo zvevanhu. Asi ndinofunga tinogona kugumira ipapo. Mufananidzo wacho watove wakajeka uye unotiudza kuti munguva pfupi iri kutevera mamiriro acho achatowedzera kuipa. Nezuro, zviremera zveMoscow zvakaisa guta revanhu vane mamiriyoni gumi pasi pekuzviparadzanisa nevamwe. Zviremera zvenharaunda yeMoscow nedzimwe nharaunda dzakawanda dzeRussia, pamwe chete nevavakidzani vedu vepedyo munzvimbo yaichimbova yeSoviet Union, vakaita zvimwe chetezvo. Izvi zvinoreva kuti nhamba yevanogona kushungurudzwa nevanoparwa nedandemutande ichawedzera kakawanda. Naizvozvo, zvakakosha kuti usangofunga nezve yako chengetedzo nzira, iyo kusvika nguva pfupi yadarika yanga yakatarisana nekuchengetedza chete kambani kana yedhipatimendi network, uye kuongorora kuti ndeapi maturusi ekudzivirira ausina, asi zvakare uchifunga nezvemienzaniso yakapihwa muchirongwa chako chekuzivisa vashandi. kuve chikamu chakakosha cheruzivo rwekuchengetedza system yevashandi vari kure. A vakagadzirira kukubatsira neizvi!
PS. Mukugadzirira chinyorwa ichi, zvinhu kubva kuCisco Talos, Naked Security, Anti-Phishing, Malwarebytes Lab, ZoneAlarm, Reason Security uye RiskIQ makambani, Dhipatimendi reU.
Source: www.habr.com