Ekupheleni kuka-2019, osomabhizinisi abaningana baseRussia baxhumane nomnyango wokuphenya ubugebengu be-inthanethi beQembu-IB ababebhekene nenkinga yokufinyelela okungagunyaziwe kwabantu abangaziwa lapho bebhalelana khona nesithunywa seTelegram. Izehlakalo zenzeke kumadivayisi e-iOS nawe-Android, kungakhathaliseki ukuthi yimuphi u-opharetha wamaselula wenhlangano isisulu abeyiklayenti lakhe.
Ukuhlasela kwaqala lapho umsebenzisi ethola umlayezo kusithunywa seTelegram ovela esiteshini sesevisi yeTelegram (lesi yisiteshi esisemthethweni sesithunywa esinesheke lokuqinisekisa eliluhlaza okwesibhakabhaka) ngekhodi yokuqinisekisa leyo umsebenzisi angayicelanga. Ngemuva kwalokhu, i-SMS enekhodi yokwenza kusebenze yathunyelwa ku-smartphone yesisulu - futhi cishe ngokushesha kwatholwa isaziso esiteshini sesevisi yeTelegram sokuthi i-akhawunti ingene ngemvume ivela kudivayisi entsha.
Kuzo zonke izimo i-Group-IB eyaziyo, abahlaseli bangene ku-akhawunti yomunye umuntu nge-inthanethi yeselula (mhlawumbe besebenzisa amakhadi e-SIM alahlwayo), futhi ikheli le-IP labahlaseli ezimweni eziningi laliseSamara.
Ukufinyelela lapho ucela
Ucwaningo olwenziwa yi-Group-IB Computer Forensics Laboratory, lapho izinto zikagesi zezisulu zadluliselwa khona, zabonisa ukuthi imishini yayingenalo i-spyware noma iTrojan yasebhange, ama-akhawunti awazange agqekezwe, futhi i-SIM khadi ayizange ishintshwe. Kuzo zonke izimo, abahlaseli bathole ukufinyelela kusigijimi sesisulu besebenzisa amakhodi e-SMS awamukelwe lapho bengena ku-akhawunti besuka kudivayisi entsha.
Le nqubo imi kanje: lapho kusebenze isithunywa kudivayisi entsha, iTelegramu ithumela ikhodi ngesiteshi sesevisi kuwo wonke amadivaysi omsebenzisi, bese (ngesicelo) umlayezo we-SMS uthunyelwa ocingweni. Ukwazi lokhu, abahlaseli ngokwabo baqala isicelo sokuthi isithunywa sithumele i-SMS enekhodi yokwenza kusebenze, babambe le SMS futhi basebenzise ikhodi eyamukelwe ukuze bangene ngempumelelo kusithunywa.
Ngakho-ke, abahlaseli bathola ukufinyelela okungekho emthethweni kuzo zonke izingxoxo zamanje, ngaphandle kweziyimfihlo, kanye nomlando wokuxhumana kulezi zingxoxo, okuhlanganisa amafayela nezithombe ezithunyelwe kubo. Ngemva kokuthola lokhu, umsebenzisi osemthethweni weTelegramu anganqamula isikhathi somhlaseli. Ngenxa yendlela yokuvikela esetshenzisiwe, okuphambene ngeke kwenzeke; umhlaseli akakwazi ukunqamula amaseshini amadala omsebenzisi wangempela phakathi namahora angu-24. Ngakho-ke, kubalulekile ukuthola isikhathi sangaphandle bese usiqeda ukuze ungalahlekelwa ukufinyelela ku-akhawunti yakho. Ochwepheshe be-Group-IB bathumele isaziso ethimbeni le-Telegram mayelana nophenyo lwabo ngalesi simo.
Ucwaningo lwezehlakalo luyaqhubeka, futhi okwamanje akukaziwa kahle ukuthi yiluphi uhlelo olusetshenziswe ukudlula isici se-SMS. Ezikhathini ezehlukene, abacwaningi banikeze izibonelo zokunqamuka kwe-SMS kusetshenziswa ukuhlaselwa kwezivumelwano ze-SS7 noma ze-Diameter ezisetshenziswa kumanethiwekhi eselula. Ngokwethiyori, ukuhlasela okunjalo kungenziwa ngokusebenzisa okungekho emthethweni kwezindlela zobuchwepheshe ezikhethekile noma ulwazi lwangaphakathi oluvela ku-opharetha bamaselula. Ikakhulukazi, ezinkundleni zokuxhumana ze-hacker ku-Darknet kunezikhangiso ezintsha ezinezipesheli zokugebenga izithunywa ezihlukahlukene, kuhlanganise neTelegram.
"Ochwepheshe bamazwe ahlukene, kuhlanganise neRussia, baye basho kaningi ukuthi izinkundla zokuxhumana, amabhange eselula kanye nezithunywa ezisheshayo zingagetshengwa kusetshenziswa ukuba sengozini kwe-protocol ye-SS7, kodwa lezi kwakuyizimo ezizimele zokuhlaselwa okuhlosiwe noma ucwaningo lokuhlola," kuphawula uSergey Lupanin, inhloko. womnyango wophenyo ngobugebengu bamakhompuyutha e-Group-IB, “Ochungechungeni lwezigameko ezintsha, esezingaphezu kwe-10, isifiso sabahlaseli sokubeka le ndlela yokuthola imali ngokusakazwayo sisobala. Ukuze uvimbele lokhu ukuthi kungenzeki, kuyadingeka ukwandisa izinga lakho lokuhlanzeka kwedijithali: okungenani, sebenzisa ukuqinisekiswa kwezinto ezimbili lapho kungenzeka khona, futhi wengeze isici sesibili esiyisibopho ku-SMS, esifakwe ngokusebenzayo kuTelegram efanayo. ”
Ungazivikela kanjani?
1. I-Telegram isivele isebenzise zonke izinketho ezidingekayo ze-cybersecurity ezizonciphisa imizamo yabahlaseli ibe yize.
2. Kumadivayisi e-iOS ne-Android eTelegramu, udinga ukuya kuzilungiselelo zeTelegramu, ukhethe ithebhu ethi “Ubumfihlo” bese unikeza “Iphasiwedi yefu Ukuqinisekiswa kwezinyathelo ezimbili” noma “Ukuqinisekiswa kwezinyathelo ezimbili”. Incazelo enemininingwane yokuthi ungayenza kanjani le nketho isebenze inikezwe emiyalweni ekuwebhusayithi esemthethweni yesithunywa: (https://telegram.org/blog/sessions-and-2-step-verification)
3. Kubalulekile ukuthi ungasethi ikheli le-imeyili ukuze ubuyisele le phasiwedi, njengoba, njengomthetho, ukutholwa kwephasiwedi ye-imeyili nakho kwenzeka nge-SMS. Ngendlela efanayo, ungakwazi ukwandisa ukuphepha kwe-akhawunti yakho ye-WhatsApp.
Source: www.habr.com