Xirmooyinka xun ayaa sheegay in laga bilaabo Diseembar 2018, koox dambiilayaal internetka ah ay jabsadeen jiheeyayaasha guriga, ugu horrayn moodooyinka D-Link, si ay u beddelaan goobaha server-ka DNS oo ay u joojiyaan taraafikada loogu talagalay mareegaha sharciga ah. Taas ka dib, isticmaalayaasha waxaa loo wareejiyay ilaha been abuurka ah.
Waxaa la sheegay in ujeedadaas awgeed, godadka firmware-ka loo isticmaalo, taas oo u oggolaanaysa isbeddello aan la ogaan karin in lagu sameeyo habdhaqanka router. Liiska aaladaha la beegsanayo ayaa u eg sidan:
- D-Link DSL-2640B - 14327 aaladaha la jebiyey;
- D-Link DSL-2740R - 379 qalab;
- D-Link DSL-2780B - 0 qalab;
- D-Link DSL-526B - 7 qalab;
- ARG-W4 ADSL - 0 qalab;
- DSLink 260E - 7 qalab;
- Secutech - 17 qalab;
- TOTOLINK - 2265 qalab.
Taasi waa, laba nooc oo keliya ayaa u adkaystay weerarrada. Waxaa la xusay in saddex mowjadood oo weerar ah la qaaday: December 2018, billowgii bishii February iyo dhammaadkii bishii March ee sanadkan. Hackers-ka ayaa la sheegay in ay adeegsadeen ciwaannada IP-yada ee server-yada soo socda:
- 144.217.191.145;
- 66.70.173.48;
- 195.128.124.131;
- 195.128.126.165.
Mabda'a hawlgalka ee weerarrada noocan oo kale ah waa mid fudud - goobaha DNS ee router waa la beddelaa, ka dib markii ay u wareejiso isticmaalaha goobta clone, halkaas oo looga baahan yahay inay galaan galitaanka, erayga sirta ah iyo xogta kale. Kadib waxay u tagaan tuugada. Dhammaan milkiilayaasha moodooyinka kor ku xusan waxaa lagula talinayaa inay cusboonaysiiyaan firmware-ka routerkooda sida ugu dhakhsaha badan.
Waxa xiiso leh, weerarrada noocan oo kale ah hadda aad bay u naadir yihiin; waxay caan ahaayeen horraantii 2000aadkii. Inkasta oo sannadihii u dambeeyay si xilliyo ah loo isticmaali jiray. Sidaa darteed, 2016, weerar ballaaran ayaa la duubay iyadoo la adeegsanayo xayaysiisyada router-ka ee Brazil.
Bilowgii 2018, waxaa la qaaday weerar kaas oo u weeciyey isticmaaleyaasha goobaha leh malware-ka Android.
Source: 3dnews.ru