The Lurk virus robbed banks while it was being written by ordinary remote workers for hire

An excerpt from the book "Invasion. A Brief History of Russian Hackers"

In May of this year, the publishing house Individuum released journalist Daniil Turovsky's book "Invasion. A Brief History of Russian Hackers". It contains stories from the dark side of the Russian IT industry: about young men who fell in love with computers and learned not only to program, but also to rob people. The book develops the way the phenomenon itself did, from teenage hooliganism and forum communities to law-enforcement operations and international scandals.

Daniil collected material for several years, and some of the stories were published on Meduza; for retelling Daniil's articles, Andrew Kramer of The New York Times received a Pulitzer Prize in 2017.

But hacking, like any crime, is a very closed topic. The real stories are passed on only by word of mouth, between people. And the book leaves an impression of maddening incompleteness, as if each of its heroes could be expanded into a three-volume book on "how it really was."

With the publisher's permission, we are publishing a short excerpt about the Lurk group, which robbed Russian banks in 2015-16.

In the summer of 2015, the Central Bank of Russia created FinCERT, a center for monitoring and responding to computer incidents in the credit and financial sector. Through it, banks exchange information about computer attacks, analyze them and receive recommendations on protection from the intelligence agencies. There are many such attacks: in June 2016, Sberbank estimated the Russian economy's losses from cybercrime at 600 billion rubles. At the same time the bank acquired a subsidiary, Bizon, which handles the enterprise's information security.

The first report on the results of FinCERT's work (from October 2015 to March 2016) describes 21 targeted attacks on bank infrastructure; as a result of these incidents, 12 criminal cases were opened. Most of these attacks were the work of a single group, named Lurk after the virus of the same name that the attackers developed: with its help, money was stolen from commercial enterprises and banks.

Police and cybersecurity specialists had been looking for members of the group since 2011. For a long time the search was unsuccessful: by 2016, the group had stolen about three billion rubles from Russian banks, more than any other hackers.

The Lurk virus was different from those the investigators had encountered before. When the program was run in a test laboratory, it did nothing (which is why it was called Lurk, from the English "to lurk"). Later it turned out that Lurk was designed as a modular system: the program gradually loads additional blocks with different functionality, from intercepting characters typed on the keyboard, logins and passwords to the ability to record a video stream from the screen of an infected computer.

To spread the virus, the group broke into websites visited by bank employees: from online media (for example, RIA Novosti and Gazeta.ru) to accounting forums. The attackers exploited a vulnerability in the system for exchanging advertising banners and distributed the malware through them. On some sites, the attackers posted the link to the virus only briefly: on the forum of one accounting magazine, it appeared on weekdays at lunchtime for two hours, but even in that time Lurk found many suitable victims.

By clicking on the banner, the user was taken to a page with exploits, after which information began to be collected on the attacked computer; the attackers were mainly interested in the remote banking program. The details in bank payment orders were replaced with the ones the attackers needed, and unauthorized transfers were sent to the accounts of companies associated with the group. According to Sergei Golovanov of Kaspersky Lab, groups usually use shell companies in such cases, "which are the same as transferring and cashing out": the money received is cashed there, put into bags and left in stashes in city parks, where the attackers pick them up.

Members of the group diligently hid their actions: they encrypted all of their daily correspondence and registered domains under fake users. "The attackers use triple VPN, Tor, secret chats, but the problem is that even a well-functioning tool fails," explains Golovanov. "Either the VPN drops, or the secret chat turns out not to be so secret, or someone, instead of calling via Telegram, simply calls from the phone. This is the human factor. And when you have been accumulating a database for years, you need to look for such accidents. After that, law enforcement can contact providers to find out who visited such-and-such an IP address and at what time. And then the case is built."

The detention of the hackers from Lurk looked like a movie. Employees of the Ministry of Emergency Situations cut the locks on the country houses and apartments of the hackers in different parts of Yekaterinburg, after which FSB officers burst in shouting, grabbed the hackers and threw them to the floor, and searched the premises. Then the suspects were put on a bus, taken to the airport, walked along the runway and taken onto a plane, which left for Moscow.

Cars were found in the hackers' garages: expensive Audi, Cadillac and Mercedes models. A watch encrusted with 272 diamonds was also found. Jewelry worth 12 million rubles and weapons were seized. In total, the police conducted about 80 searches in 15 regions and detained about 50 people.

In particular, all of the group's technical specialists were arrested. Ruslan Stoyanov, a Kaspersky Lab employee who was involved in investigating Lurk's crimes together with the intelligence services, said that the leaders looked for many of them on ordinary recruitment sites for remote work. The ads said nothing about the work being illegal; the salary at Lurk was above the market rate, and it was possible to work from home.

"Every morning, except weekends, in different parts of Russia and Ukraine, people sat down at their computers and started working," said Stoyanov. "Programmers tweaked the functions of the next version [of the virus], testers checked it, then the person responsible for the botnet uploaded everything to the command server, after which automatic updates took place on the bot computers."

The court's consideration of the group's case began in the autumn of 2017 and continued into early 2019, because of the volume of the case, which contains about six hundred volumes. The hackers' lawyer, who is concealing his name, stated that none of the suspects would make a deal with the investigation, but some admitted part of the charges. "Our clients did work on developing various parts of the Lurk virus, but many were not aware that it was a Trojan," he said. "Someone made part of the algorithms that could work successfully in search engines."

The case of one of the group's hackers was split off into separate proceedings, and he received 5 years, including for hacking the network of Yekaterinburg airport.

In recent decades in Russia, the special services have managed to defeat most of the large hacker groups that broke the main rule, "Don't work on ru": Carberp (stole about one and a half billion from the accounts of Russian banks), Anunak (stole more than a billion rubles from the accounts of Russian banks), Paunch (built attack platforms through which up to half of the infections worldwide passed) and so on. The income of such groups is comparable to the income of arms dealers, and they include many people in addition to the hackers themselves: security guards, drivers, cashiers, owners of sites where new items appear, and so on.

Source: www.habr.com
