Ngomvulo wokugqibela UBob Diachenko uthumele malunga nokufumanisa akwenzileyo malunga nokuveza idatha kwiirekhodi ezingaphezu kwezigidi ezili-11 zabantu abafumene idatha yobuqu kwezi zinto.
Ugcino lwedatha enkulu emalunga nezigidi ezili-11 zeerekhodi ze-imeyile zagqogqwa. Ukufikelela kwenzeka ngoMvulo kwaye yonke into ibonisa, isiseko sedatha sasigcwele ulwazi lomntu kunye ne-imeyile.
Ingxaki
Idatha benze ntoni zigcinwe kwimeko yeMongoDB kwaye zabanjwa kwisakhelo seSMS-SMS, LLC kwaye, ezi datha zinokufikelelwa nangubani na ukuba wayeyazi indlela yokusebenzisa izixhobo ezichanekileyo.
UBob Diachenko, ongomnye wabaphandi abahloniphekileyo kwezokhuseleko, ukwazile ukufumana olo lwazi kwi-intanethi esebenzisa izixhobo zikawonkewonke.
Xa ukhangela, UBob ufumanise ukuba olu lwazi lwalukhangelwe yi-Shodan injini yokukhangela. kwaye uhlaziyo lokugqibela lwenzeka nge-13 kaSeptemba, nangona kunjalo, akazange achonge ezinye iintsuku ngaphambi kokuba uShadan akwazi ukwalathisa umxholo kwaye ngenxa yoko, uwonke-wonke.
Ifayile encinci ye-43,5 GB kuphela equlathe malunga needilesi ze-imeyile ezingama-10.999.535 nayo yonke i-Yahoo, ineligama negama lokugqibela, iidilesi, ikhowudi ye-zip, ilizwe kunye nesixeko.
Ulwazi olukwiziko ledatha (ii-imeyile ezineenkcukacha zobuqu) yayiyigolide esulungekileyo kuzo zonke iintlobo zabantu abazisebenzisela iinjongo eziyingozi ezifana nokugaxekile, abakhohlisi, abalobi bazo zonke iintlobo.
Ukuchonga ilizwe kunye nesixeko, uninzi kufuneka ukuba lusebenzise olo datha ukuzisebenzisa kwi-spammers, scammers, botnet, malware ezinje nge-ransomware, spyware kunye nezinye izinto ezininzi eziyingozi, kwaye umngcipheko wokuba namaxhoba amaninzi ngokuqinisekileyo uphezulu, ngenxa idatha yabasebenzisi yokuqinisekisa.
Ugcino lwedatha oluye lwachaphazeleka lwacazululwa kwaye ngokwento ebonwayo, yonke into yeyesaverSpy, Kodwa ayisiyiSaverSpy kuphela esebenzisa le database, iisayithi ezinje nge-consons.com kunye nezinye iinkqubo ezinxulumene nazo ezibonelela kwihlabathi liphela, zisenokwabelana ngale database.
Impazamo yomntu
Umncedisi ubonakala eyinkampani yokuthengisa nge-imeyile esekwe eCalifornia. Ukuza kuthi ga ngoku, inkampani egcina idatha ibingafuni ukutsho ngqo ukuba zeziphi iinkampani ezisebenzisa le datha inkulu kangaka.
Eyona nto ibaluleke kakhulu, ngethamsanqa akukho bhanki okanye ulwazi lwekhadi letyala elivela koku kuvuza.
ngokumangalisayo I-MongoDB ekuthethwa ngayo sele iphawulwe njenge 'Compromised' eShodan kwaye iqulethwe kuvimba weenkcukacha 'Isilumkiso' nengqokelela ye 'Readme' kunye inqaku lentlawulelo lifuna i-0.4 BTC ukufumana idatha kwakhona equlathe ingqokelela yedatha ngalo mbhalo ulandelayo:
»Ugcino lwedatha yakho ikhutshiwe kwaye yaxhaswa kwiserver yethu ekhuselekileyo. Ukufumana kwakhona idatha yakho elahlekileyo: thumela i-0.4 BTC kwidilesi yethu yeBitCoin kwaye unxibelelane nathi nge-imeyile ngedilesi ye-IP kunye nobungqina bokuhlawula.
Nayiphi na i-imeyile ngaphandle kwedilesi yakho ye-IP kunye nobungqina bentlawulo abuyi kuhoywa. Unokucela isishwankathelo sokugcina ngaphakathi kwiiyure ezili-12.
Emva koko siya kususa i-backup. Akukho ngxaki! «
Nangona kunjalo, Ngexesha lokufumanisa, yonke idatha yayihambile. Ndicinga ukuba esi sisiphumo somzamo ongaphumelelanga osetyenziswe ngabagwenxa (kunye nethamsanqa kubanini beenkcukacha).
Okwangoku, idathabheyisi sele ikhethiwe kwaye kwiintsuku ezimbalwa ezizayo ngokuqinisekileyo i-injini yokukhangela eyalathe ulwazi yathi kufuneka icime idatha.
Ukongeza kulwazi lomntu wabucala, isiseko sedatha sikwabandakanya neenkcukacha ze-DNS malunga nemo ye-imeyile (ethunyelwe ngempumelelo okanye hayi), ebonisa ukuba ngaba i-imeyile iye yenziwa kunye nempendulo evela kwiseva.
Ungabona ulwazi malunga neenkqubo zokudibana ezinokufakwa kwindawo yogcino lwedatha okanye ukungabikho kofikelelo kwiziko ledatha elipapashwe ngumphandi.