Abacwaningi bathole i-clone entsha ye-Mirai botnet eyaziwa kakhulu, egxile kumadivayisi we-IoT. Kulokhu, amadivayisi ashumekiwe aklanyelwe ukusetshenziswa ezindaweni zebhizinisi asengozini. Umgomo omkhulu wabahlaseli ukulawula amadivaysi ane-bandwidth nokwenza ukuhlasela kwe-DDoS ngezinga elikhulu.
Phawula:
Ngesikhathi ngibhala ukuhumusha, ngangingazi ukuthi uHabré wayesenayo .
Ababhali beMirai yasekuqaleni sebeboshiwe, kodwa ukutholakala , eshicilelwe ku-2016, ivumela abahlaseli abasha ukuthi benze ama-botnets abo ngokusekelwe kuwo. Ngokwesibonelo, и .
I-Mirai yasekuqaleni ivele ngo-2016. Ithelele amarutha, amakhamera we-IP, ama-DVR, namanye amadivayisi avame ukuba nephasiwedi ezenzakalelayo, kanye namadivayisi asebenzisa izinguqulo eziphelelwe yisikhathi ze-linux.
Okuhlukile okusha kwe-Mirai okudizayinelwe amadivayisi ebhizinisi
I-botnet entsha etholwe ithimba labacwaningi kusuka ku-Palo Alto Network. Umehluko wayo kwamanye ama-clones ukuthi yakhelwe amadivayisi ezinkampani, okuhlanganisa amasistimu okwethula okungenantambo e-WePresent WiPG-1000 kanye nama-LG Supersign TV.
Ukusetshenziswa kokufinyelela okukude kwe-LG Supersign TVs (CVE-2018-17173) kwenziwe kwatholakala ngoSepthemba odlule. Futhi ye-WePresent WiPG-1000, yanyatheliswa ngo-2017. Sekukonke, i-bot inikezwe ama-exlayers angu-27, okuyi-11 amasha. Okuhlukile okusha kwe-Mirai kuphinde kuqondise ihadiwe ehlukahlukene eshumekiwe njenge:
- Ama-Linksys Routers
- Amarutha
- DLink routers
- Amadivayisi wesitoreji senethiwekhi
- Amakhamera we-NVR kanye ne-IP
"Lezi zici ezintsha zinikeza i-botnet indawo enkulu yokuhlasela," abacwaningi base-Unit 42 babhala eposini lebhulogi. "Ikakhulukazi, ukugxila eziteshini zokuxhumana zezinkampani kuvumela ukuthi ibambe umkhawulokudonsa owengeziwe, okuholela ekwandeni kwamandla omlilo we-botnet yokuhlaselwa kwe-DDoS."
Lesi sigameko sigqamisa isidingo sokuthi amabhizinisi alawule amadivayisi e-IoT kunethiwekhi yawo, alungiselele kahle ukuphepha, futhi abuyekeze njalo.
.
Source: www.habr.com