Wave of supercomputer hacks for cryptocurrency mining

In several large computing clusters located at supercomputing centers in the UK, Germany, Switzerland and Spain, traces of infrastructure compromise and of malware installed for hidden mining of the Monero (XMR) cryptocurrency have been identified. A detailed analysis of the incidents is not yet available, but according to preliminary information, the systems were compromised through the theft of credentials from the systems of researchers who had access to run jobs on the clusters (recently, many clusters have been granting access to third-party researchers who study the SARS-CoV-2 coronavirus and model processes associated with COVID-19 infection). In one of the cases, after gaining access to the cluster, the attackers exploited the vulnerability CVE-2019-15666 in the Linux kernel to gain root access and install a rootkit.

Two incidents stand out in which the attackers used credentials taken from users at the University of Krakow (Poland), Shanghai Jiao Tong University (China) and the Chinese Science Network. The credentials were taken from participants in international research programs and used to connect to the clusters over SSH. Exactly how the credentials were captured is not yet clear, but SSH executable files were identified on some (not all) of the systems belonging to victims of the password leak.

As a result, the attackers were able to gain access to the UK-based (University of Edinburgh) cluster Archer, ranked 334th in the Top500 list of the largest supercomputers. Similar intrusions were subsequently identified in the clusters bwUniCluster 2.0 (Karlsruhe Institute of Technology, Germany), ForHLR II (Karlsruhe Institute of Technology, Germany), bwForCluster JUSTUS (Ulm University, Germany), bwForCluster BinAC (University of Tübingen, Germany) and Hawk (University of Stuttgart, Germany).
There is information about cluster security incidents at the Swiss National Supercomputing Centre (CSCS), the Jülich Research Centre (31st place in the Top500), the University of Munich (Germany) and the Leibniz Computing Centre (9th, 85th and 86th places in the Top500). In addition, information received from employees about the compromise of the infrastructure of the Barcelona High-Performance Computing Centre (Spain) has not yet been officially confirmed.

Analysis of the changes showed that two malicious executable files were downloaded to the compromised servers and had the suid root flag set: "/etc/fonts/.fonts" and "/etc/fonts/.low". The first is a loader for running shell commands with root privileges, and the second is a log cleaner for removing traces of the attacker's activity. Various methods were used to hide the malicious components, including installing the Diamorphine rootkit, which is loaded as a Linux kernel module. In one case, the mining process was started only at night so as not to attract attention.
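A check for the setuid indicators described above, as an added example that is not part of the original article: it reports the two named paths if they exist and lists any setuid file under `/etc`, where no setuid binary normally belongs. The `sweep` helper, its `--scan` switch and the optional prefix argument (for a mounted disk image or a test tree) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: sweep for the setuid-file indicators named in the article.
# The optional prefix argument is an assumption that lets the same check run
# against a mounted forensic image instead of the live root filesystem.

# Indicator paths taken from the article.
KNOWN_PATHS="/etc/fonts/.fonts /etc/fonts/.low"

# Print "KNOWN <path>" for each indicator path that exists under the prefix.
check_known_paths() {
    prefix=${1:-}
    for p in $KNOWN_PATHS; do
        if [ -e "$prefix$p" ] || [ -L "$prefix$p" ]; then
            printf 'KNOWN %s\n' "$prefix$p"
        fi
    done
}

# Print "SUID <ls -ldn line>" for every regular file under <prefix>/etc that
# has the setuid bit set. Legitimate setuid programs live in bin, sbin or
# libexec directories, so a hit here deserves review even when the attacker
# picked a different file name. The numeric owner in the listing shows
# whether the file is setuid root (uid 0).
find_suid_in_etc() {
    prefix=${1:-}
    [ -d "$prefix/etc" ] || return 0
    find "$prefix/etc" -xdev -type f -perm -4000 -exec ls -ldn {} + 2>/dev/null |
        sed 's/^/SUID  /'
}

# Run both checks; empty output means neither indicator was found.
sweep() {
    check_known_paths "${1:-}"
    find_suid_in_etc "${1:-}"
}

# Scan only when asked: "sh sweep.sh --scan" for the live system,
# "sh sweep.sh --scan /mnt/image" for a mounted image.
if [ "${1:-}" = "--scan" ]; then
    sweep "${2:-}"
fi
```

Because the article also mentions a rootkit, results from the live system are less trustworthy than a sweep of the disk mounted read-only on a clean host.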

Once compromised, a host could be used to perform various tasks, such as mining Monero (XMR), running a proxy (to communicate with other mining hosts and with the server coordinating the mining), running a SOCKS proxy (to accept external connections over SSH) and SSH forwarding (the primary entry point, using a compromised account on which an address translator was configured for forwarding into the internal network). When connecting to compromised hosts, the attackers used hosts running SOCKS proxies and connected through Tor or through other compromised systems.

Source: opennet.ru
