Graboid - a cryptojacking worm that spreads through Docker containers


For the first time in history, researchers have discovered a cryptojacking worm. Security researchers at Palo Alto Networks Inc.'s Unit 42 made the finding of this cryptojacking worm, which spreads using Docker software containers. The worm takes advantage of the platform-as-a-service (PaaS) solution that software developers use to test and deploy applications on Windows and Linux platforms.

Docker allows applications to run in a virtual environment isolated from other Windows applications, which lets developers run applications on shared system resources. Nicknamed "Graboid", the worm has spread to more than two thousand unsecured Docker hosts and uses the infected hosts to mine the cryptocurrency "Monero".

Monero is the hackers' favorite cryptocurrency because it is anonymous and extremely difficult to trace. Bitcoin, by contrast, can be traced through its public ledger.

The researchers found several container images associated with the attack at different stages of the infection chain. These containers were removed by Docker Hub support after it was alerted by the researchers. One of the container images, which ran CentOS, tried to connect to predefined command and control (C2) servers to download and run four shell scripts.

Those behind Graboid identify unsecured Docker engines to start the infection process. Once an entry point has been found, the worm is deployed to begin its journey.

After downloading some scripts from the command and control server, the worm is essentially self-sufficient: it starts cryptomining on the infected Docker host while it searches for new victims. Graboid starts by randomly selecting three potential infection targets, installing the worm on the first target, stopping the miner on the second target, and starting mining on the third target.

"This procedure leads to a very random mining behavior," the researchers explained today. "If my host is compromised, the malicious container does not start immediately. Instead, I have to wait until another compromised host picks me and starts my mining process… Essentially, the miner on every infected host is randomly controlled by all the other infected hosts."

On average, each miner was active 63% of the time and each mining period lasted 250 seconds, which makes the activity hard to detect, since most endpoint protection software does not inspect data and activity inside containers.

The Unit 42 researchers worked with the Docker team to remove the malicious container images, but the risk of future infections from variants that use similar techniques is real.

"If a more powerful worm is ever created to take a similar infiltration approach, it could cause much greater damage, so it is imperative for organizations to safeguard their Docker hosts," the researchers warned.

In a blog post about Graboid, the security researchers offer some advice that can help prevent infection. Among other things, the Palo Alto researchers advise companies never to expose their Docker daemons directly to the Internet without a proper authentication mechanism.

In fact, Docker Engine is not exposed to the Internet by default, so the insecure deployments exploited by this worm were manually configured to be publicly accessible.

Another piece of advice from the researchers is that companies use SSH with strong authentication if they need to connect to a Docker daemon remotely, and combine it with firewall rules that limit connections to a list of trusted IP addresses.

They also recommend that administrators make sure they never deploy Docker container images from untrusted sources on Docker Hub, and that they frequently check their Docker deployments to remove unknown containers or images.

