VirusTotal da SafeBreach case: Duk gaskiya kuma babu komai sai gaskiya

Isaac

4 minti

VirusTotal, SafeBreach

Anan Gaskiya duka da abin da ba su gaya muku ba game da cutar VirusTotal (mallakar Google) da kuma gano kamfanin SafeBreach na Isra'ila. Wannan ba kamar yadda aka yi sharhi a kafofin watsa labarai da yawa ba, ciki har da wannan wanda ya bar kansa ta hanyar majiyoyin da ke nuna wani abu na daban. Don haka, daga LxA na nemi afuwar VT kuma zan yi ƙoƙarin yin sharhi game da ainihin abin da ya faru, wanda ba shi da mahimmanci kamar yadda ake gani.

Me ake nufi?

Me aka yi ishara game da wannan harka shi ne SafeBreach, wani rauni ne da ake zargin wannan kamfani ya gano a cikin VirusTotal, wanda kuma ya haifar da labarin harin da aka kai wa sabis na VT (wanda ba haka ba ne), har ma da zargin alaka da Google (mai VirusTotal ta hanyar Kamfanin Tsaro na Chronicle) don haka daidai. wannan matsala. Koyaya, Google ya yi shiru. Dalili? Zaku fahimta a kashi na gaba...

Ana tsammanin, tare da lasisin VirusTotal $ 600 kowane wata zaku iya samun dama ga Shaidar mai amfani mara iyaka ta amfani da ƴan saukin bincike a cikin wannan sabis ɗin. Daga ciki akwai iya samun fayiloli tare da bayanan sata (adiresoshin imel, sunayen masu amfani, kalmomin shiga, samun damar shiga shafukan sada zumunta, shafukan yanar gizo na e-kasuwanci, dandamali masu yawo, ayyukan gwamnati na kan layi, banki kan layi, har ma da kalmomin shiga) na walat ɗin cryptocurrency masu zaman kansu).

A cewar Bar, ɗaya daga cikin masu binciken SafeBreach, "Manufarmu ita ce gano bayanan da mai laifi zai iya tattarawa tare da lasisin VirusTotal«, hanyar da suka yi baftisma azaman VirusTotal Hacking.

"Mai laifin da ke amfani da wannan hanyar zai iya tattarawa kusan adadin takaddun shaida mara iyaka da sauran bayanan mai amfani masu mahimmanci tare da ƙoƙari kaɗan a cikin ɗan gajeren lokaci ta amfani da hanyar da ba ta da kamuwa da cuta. Mun kira shi cikakken laifin yanar gizo, ba wai kawai saboda gaskiyar cewa babu haɗari da ƙananan ƙoƙari ba, amma kuma saboda rashin iyawar wadanda abin ya shafa don kare kansu daga irin wannan aikin. Bayan masu kutse na asali sun yi kutse, yawancinsu ba su da ɗan iya gani cikin abubuwan da ake lodawa da adana bayanai masu mahimmanci akan VirusTotal da sauran wuraren zama.".

Yanzu gaskiyar abin da ya faru da VirusTotal

VirusTotal mai tushen Malaga ya ƙaddamar da sabis da ake kira VT Intelligence a cikin 2009 don amfani da duk bayanan da suka zo ga wannan Multi riga-kafi akan layi. An kaddamar da wannan portal a matsayin babban rumbun adana bayanai na masu bincike a bangaren tsaro na yanar gizo da kamfanoni masu sassan tsaro, domin samun damar shiga dukkan wadannan bayanai da nufin bincike da inganta tsaron kayayyakinsu da masu amfani da su.

Ƙuntataccen dama ga Intelligence na VT

A takaice dai, ba masu amfani da lasisin dala $600 da aka ambata ba ko wasu masu aikata laifukan yanar gizo ba za su iya ba samun damar irin wannan bayanan, haka kuma wani kamfani ba zai iya samun damar shiga Intelligence na VT ba. Duk wanda ke da damar yana bi ta hanyar tantancewa don tabbatar da cewa kamfani amintacce ne kuma mai suna, baya ga samun damar amfani da ta dace don samun damar wannan bayanan.

Abubuwan ciki na Database da tushe

Wannan bayanan ya ƙunshi bayanai daban-daban, tare da barazanar kowane iri, daga malware, zuwa ci-gaba da fa'ida, ta hanyar phishing kits, hacking kayan aikin da aka karbo daga dandalin hacking na kasa, katin yin katin, rajistan ayyukan (rikodi) da fayiloli tare da takaddun shaida waɗanda aka fallasa akan waɗannan rukunin yanar gizon, da sauransu.

Duk wannan ya zo daga wurare daban-daban:

  • kamfanoni
  • takaddun shaida
  • masu amfani da ba a san su ba
  • Ta API daga wasu shafuka da yawa
  • Da dai sauransu.

Tabbatar da masu amfani

Don haka, lokacin da SafeBreach ya sami kowane ɗayan waɗannan fayilolin tare da takaddun shaida ko rajistan ayyukan tare da mahimman bayanai, saboda An lalata bayanan ko kuma yawo kafin a kai ga bayanan sirri na VT. Wato, VirusTotal ba shine tushen da wannan keɓaɓɓen bayanan ke fitowa ba, a'a madaidaicin bayanai ne tsakanin barazanar da ta ba da damar fitar da wannan bayanan da gwajin SafeBreach.

Ƙungiyoyi masu samun damar zuwa VT Intelligent za su iya samun damar duk wannan bayanin zuwa ga sanya mafita ko sanar da abokan cinikin ku cewa ƙila waɗannan hare-haren ta yanar gizo ko leaks sun shafe su.

ƙarshe

Ba za a iya amfani da VirusTotal azaman tushe don cire mahimman bayanai ba kamar yadda SafeBreach alamu. Waɗannan takaddun shaida ne waɗanda aka riga aka gyara akasarinsu lokacin da aka ba da rahoton cewa an fallasa su. Kuma idan ba a canza su ba, tabbas ba za su yi tasiri sosai ba.

Menene ƙari, idan ba ku isa VirusTotal ba, haka kuma za a ci gaba da fallasa su a shafukan da masu binciken yanar gizo suka fitar da su.

Abinda kawai SafeBreach yayi, baya ga ƙirƙirar duk wannan hargitsi, shine motsa jiki na tunani game da abin da zai faru idan wanda ake zargi da kai hari zai iya samun damar shiga Intelligence na VT.

Wasan kwaikwayo na sifili!


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Alhakin bayanai: AB Internet Networks 2008 SL
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.