The Lurk virus robbed banks while it was being written by ordinary remote workers for pay

An excerpt from the book "Invasion. A Brief History of Russian Hackers"

In May of this year, the publishing house Individuum released a book by journalist Daniil Turovsky, "Invasion. A Brief History of Russian Hackers." It contains stories from the dark side of the Russian IT industry: about guys who fell in love with computers and learned not just to program, but to rob people. The book develops like the phenomenon itself, from teenage hooliganism and forum get-togethers to law-enforcement operations and international scandals.

Daniil collected material for several years, and some of the stories were published on Meduza; for his retellings of Daniil's articles, Andrew Kramer of The New York Times received a Pulitzer Prize in 2017.

But hacking, like any crime, is too closed a subject. The real stories are passed on only by word of mouth between people. And the book leaves an impression of incompleteness that stirs curiosity, as if each of its heroes could fill a three-volume book on "how it really was."

With the publisher's permission, we are publishing a short excerpt about the Lurk group, which robbed Russian banks in 2015-16.

In the summer of 2015, the Russian Central Bank created Fincert, a center for monitoring and responding to computer incidents in the credit and financial sector. Through it, banks exchange information about computer attacks, analyze them, and receive recommendations on protection from the intelligence agencies. There are many such attacks: in June 2016, Sberbank estimated the Russian economy's losses from cybercrime at 600 billion rubles, and at the same time the bank acquired a subsidiary, Bizon, which handles the enterprise's information security.

The first report on the results of Fincert's work (from October 2015 to March 2016) describes 21 targeted attacks on bank infrastructure; as a result of these incidents, 12 criminal cases were opened. Most of these attacks were the work of a single group, which was named Lurk after the virus of the same name, developed by the hackers: with its help, money was stolen from commercial enterprises and banks.

Police and cybersecurity specialists had been looking for the group's members since 2011. For a long time the search was unsuccessful: in 2016, the group stole about three billion rubles from Russian banks, more than any other hackers.

The Lurk virus was different from what investigators had encountered before. When the program was run in a laboratory for analysis, it did nothing (which is why it was called Lurk, from the English "to lurk"). Later it turned out that Lurk was built as a modular system: the program gradually loads additional blocks with different functions, from intercepting characters typed on the keyboard, logins and passwords to the ability to record a video stream from the screen of an infected computer.

To spread the virus, the group compromised websites visited by bank employees: from online media (for example, RIA Novosti and Gazeta.ru) to accounting forums. The hackers exploited a vulnerability in the system for exchanging advertising banners and distributed malware through it. On some sites, the criminals posted the link to the virus only briefly: on the forum of one accounting magazine, it appeared on weekdays at lunchtime for two hours, but even in that time Lurk found several suitable victims.

By clicking on the banner, the user was taken to a page with exploits, after which information began to be collected on the attacked computers; the hackers were mainly interested in the remote banking program. The details in bank payment orders were replaced with the required ones, and unauthorized transfers were sent to the accounts of companies associated with the group. According to Sergei Golovanov of Kaspersky Lab, in such cases groups usually use shell companies, "which is the same as transferring and cashing out": the money received is cashed there, put into bags and left as dead drops in city parks, where it is collected. The group's members carefully concealed their actions: they encrypted all day-to-day correspondence and registered domains under fake users. "Attackers use triple VPN, Tor, secret chats, but the problem is that even a well-functioning mechanism fails," explains Golovanov. "Either the VPN drops, or the secret chat turns out to be not so secret, or someone, instead of calling via Telegram, simply calls from the phone. This is the human factor. And when you have been accumulating a database for years, you need to look for such accidents. After that, law enforcement can contact providers to find out who visited such-and-such an IP address and at what time. And then the case is built."

The arrest of the Lurk hackers looked like an action movie. Employees of the Ministry of Emergency Situations cut the locks on the hackers' country houses and apartments in different parts of Yekaterinburg, after which FSB officers burst in shouting, seized the hackers and threw them to the floor, and searched the premises. After that, the suspects were put on a bus, taken to the airport, led along the runway and taken to a cargo plane, which took off for Moscow.

Cars were found in the hackers' garages: expensive Audi, Cadillac and Mercedes models. A watch encrusted with 272 diamonds was also found. Jewelry worth 12 million rubles and weapons were seized. In total, police conducted 80 searches in 15 regions and detained about 50 people.

In particular, all of the group's technical specialists were arrested. Ruslan Stoyanov, a Kaspersky Lab employee who took part in investigating Lurk's crimes together with the intelligence services, said that the group's management found many of them on ordinary recruitment sites for remote work. The ads said nothing about the work being illegal; the salary at Lurk was above the market rate, and it was possible to work from home.

"Every morning, except weekends, in different parts of Russia and Ukraine, people sat down at their computers and started working," Stoyanov explained. "Programmers refined the functions of the next version [of the virus], testers checked it, then the person responsible for the botnet uploaded everything to the command server, after which automatic updates took place on the bot computers."

The court's consideration of the group's case began in the fall of 2017 and continued into early 2019, owing to the volume of the case, which contains six hundred volumes. A lawyer for the hackers, who concealed his name, stated that none of the defendants would make a deal with the investigation, but some admitted part of the charges. "Our clients did work on developing various parts of the Lurk virus, but many were simply unaware that it was a Trojan," he explained. "Someone made part of the algorithms that could work just as successfully in search engines."

The case of one of the group's hackers was split off into separate proceedings, and he received five years, including for hacking the network of Yekaterinburg airport.

In recent decades in Russia, the special services have managed to defeat most of the large hacker groups that violated the main rule, "Don't work on ru": Carberp (stole one and a half billion rubles from the accounts of Russian banks), Anunak (stole more than a billion rubles from the accounts of Russian banks), Paunch (created attack platforms through which up to half of the infections worldwide passed), and so on. The income of such groups is comparable to the earnings of arms dealers, and besides the hackers themselves they include many other people: security guards, drivers, cash-out couriers, owners of sites where new exploits appear, and so on.

Source: www.habr.com