Abaphandi baye bafumanisa i-clone entsha ye-Mirai botnet eyaziwayo, ejoliswe kwizixhobo ze-IoT. Ngeli xesha, izixhobo ezizinzisiweyo ezilungiselelwe ukusetyenziswa kwiindawo zoshishino ziphantsi komngcipheko. Eyona njongo yabahlaseli kukulawula izixhobo ezine-bandwidth kunye nokwenza uhlaselo olukhulu lwe-DDoS.
NONE
Ngexesha lokubhalwa kwenguqulelo, andizange ndiyazi ukuba i-hub yayisele ikhona .
Ababhali beMirai yokuqala sele bebanjwe, kodwa ukufumaneka , epapashwe kwi-2016, ivumela abahlaseli abatsha ukuba benze i-botnets yabo ngokusekelwe kuyo. Umzekelo, и .
I-Mirai yasekuqaleni yavela kwi-2016. Isulele iirotha, iikhamera ze-IP, ii-DVR kunye nezinye izixhobo ezihlala zinegama lokugqitha elingagqibekanga, kunye nezixhobo ezisebenzisa iinguqulelo eziphelelwe lixesha zeLinux.
Uhlobo olutsha lweMirai lujolise kwizixhobo zoshishino
I-botnet entsha yafunyanwa liqela labaphandi ukusuka kwiNethiwekhi yePalo Alto. Iyahluka kwezinye iiclones kuba yenzelwe izixhobo zoshishino, kuquka i-WePresent WiPG-1000 iisistim zokubonisa ngaphandle kwamacingo kunye ne-LG Supersign TVs.
I-remote access exeqution exploit ye-LG Supersign TVs (CVE-2018-17173) yenziwe yafumaneka ngoSeptemba kulo nyaka uphelileyo. Kwaye ngenxa ye-WePresent WiPG-1000, yapapashwa ngo-2017. Iyonke, i-bot ixhotyiswe ngokusetyenziswa kwe-27, apho i-11 entsha. Ukwahluka okutsha kweMirai kwakhona kujolise kwiihardware ezahlukeneyo ezifakwe ezinje:
- Iirotha zeLinksys
- Iirotha zeZTE
- DLink iirotha
- Izixhobo zokugcina inethiwekhi
- Iikhamera ze-NVR kunye ne-IP
"Ezi mpawu zintsha zinika i-botnet indawo enkulu yokuhlaselwa," abaphandi be-Unit 42 bathi kwiposti yeblogi. Ngokukodwa, ukujolisa kwiitshaneli zonxibelelwano kuvumela ukuba ilawule i-bandwidth engaphezulu, ekhokelela ekunyuseni komlilo kwi-botnet ukwenza uhlaselo lweDDoS."
Esi siganeko sibonisa imfuneko yokuba amashishini abeke iliso kwizixhobo ze-IoT kuthungelwano lwawo, ukuqwalasela ngokufanelekileyo ukhuseleko, kunye nesidingo sohlaziyo rhoqo.
.
umthombo: www.habr.com