[{"@context":"https:\/\/schema.org\/","@type":"Article","@id":"https:\/\/www.veritel.sk\/hackeri-vydolovali-zo-severov-peniaze\/#Article","mainEntityOfPage":"https:\/\/www.veritel.sk\/hackeri-vydolovali-zo-severov-peniaze\/","headline":"Hackeri vydolovali zo severov peniaze","name":"Hackeri vydolovali zo severov peniaze","description":"\u0164a\u017eba virtu\u00e1lnych mien u\u017e nie je tak\u00e1 jednoduch\u00e1 ako kedysi. V s\u00fa\u010dasnosti s\u00fa v\u00fdpo\u010dty pre kontrolu transakci\u00ed nato\u013eko komplexn\u00e9, \u017ee v\u00e1m jeden po\u010d\u00edta\u010d nesta\u010d\u00ed a potrebujete zainvestova\u0165 peniaze do \u0161peci\u00e1lne prisp\u00f4soben\u00e9mu hardwaru. Hackeri v\u0161ak na\u0161li alternat\u00edvnu cestu. Minim\u00e1lne od m\u00e1ja tohto roka bolo zneu\u017eit\u00fdch nieko\u013eko stoviek webov\u00fdch serverov s opera\u010dn\u00fdm syst\u00e9mom Windows Server 2003 na...<p class=\"more-link-wrap\"><a href=\"https:\/\/www.veritel.sk\/hackeri-vydolovali-zo-severov-peniaze\/\" class=\"more-link\">Read More<span class=\"screen-reader-text\"> &ldquo;Hackeri vydolovali zo severov peniaze&rdquo;<\/span> &raquo;<\/a><\/p>","datePublished":"2017-08-24","dateModified":"2017-08-24","author":{"@type":"Person","@id":"https:\/\/www.veritel.sk\/author\/devene\/#Person","name":"devene","url":"https:\/\/www.veritel.sk\/author\/devene\/","identifier":1,"image":{"@type":"ImageObject","@id":"https:\/\/secure.gravatar.com\/avatar\/69bd9b72104e3ccfb6214cbd23cb226f96c6ecf33a2a351fa1d4682235118df3?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/69bd9b72104e3ccfb6214cbd23cb226f96c6ecf33a2a351fa1d4682235118df3?s=96&d=mm&r=g","height":96,"width":96}},"publisher":{"@type":"Organization","name":"veritel.sk","logo":{"@type":"ImageObject","@id":"\/logo.png","url":"\/logo.png","width":600,"height":60}},"image":{"@type":"ImageObject","@id":"https:\/\/www.veritel.sk\/wp-content\/uploads\/img_a282975_w2032_t1508864469.jpg","url":"https:\/\/www.veritel.sk\/wp-content\/uploads\/img_a282975_w2032_t1508864469.jpg","height":0,"width":0},"url":"https:\/\/www.veritel.sk\/hackeri-vydolovali-zo-severov-peniaze\/","wordCount":355,"articleBody":"\u0164a\u017eba virtu\u00e1lnych mien u\u017e nie je tak\u00e1 jednoduch\u00e1 ako kedysi. V s\u00fa\u010dasnosti s\u00fa v\u00fdpo\u010dty pre kontrolu transakci\u00ed nato\u013eko komplexn\u00e9, \u017ee v\u00e1m jeden po\u010d\u00edta\u010d nesta\u010d\u00ed a potrebujete zainvestova\u0165 peniaze do \u0161peci\u00e1lne prisp\u00f4soben\u00e9mu hardwaru. Hackeri v\u0161ak na\u0161li alternat\u00edvnu cestu. Minim\u00e1lne od m\u00e1ja tohto roka bolo zneu\u017eit\u00fdch nieko\u013eko stoviek webov\u00fdch serverov s opera\u010dn\u00fdm syst\u00e9mom Windows Server 2003 na \u0165a\u017ebu kryptomeny Monero (XMR). Na in\u0161tal\u00e1ciu malwaru vyu\u017eili \u00fato\u010dn\u00edci bezpe\u010dnostn\u00fa chybu v IIS 6.0 s ozna\u010den\u00edm CVE-2017-7269. O tejto chybe, ktor\u00fa r\u00f4zni hackeri akt\u00edvne vyu\u017e\u00edvali u\u017e v tom \u010dase, prv\u00fdkr\u00e1t informovali \u010d\u00ednski vedci v marci, kedy v r\u00e1mci svojho v\u00fdskumu zverejnili aj n\u00e1stroj, ktor\u00fd dok\u00e1zal identifikova\u0165 takto zranite\u013en\u00e9 syst\u00e9my. Amat\u00e9rizmus? Pr\u00e1ve tento n\u00e1stroj sa stal z\u00e1kladom \u00faspechu hackerov. Skrze neho bolo mo\u017en\u00e9 na internete lokalizova\u0165 IIS 6.0 servery a nain\u0161talova\u0165 do nich \u0161kodliv\u00fd software. Zauj\u00edmavou je jednoduchos\u0165 tohto \u00fatoku. Autori malwaru vykonali len mal\u00fd rozsah zmien v zneu\u017eitej aplik\u00e1cii a celkov\u00e1 pr\u00e1ca mohla zabra\u0165 len nieko\u013eko min\u00fat. \u0160lo najm\u00e4 o nahradenie \u0161peci\u00e1lneho alfanumerick\u00e9ho re\u0165azca, ktor\u00fd mal p\u00f4vodne v syst\u00e9me otvori\u0165 kalkula\u010dku, no po \u00faprave do\u0161lo k stiahnutiu a spusteniu \u0165a\u017eobnej aplik\u00e1cie. Samotn\u00fd open-source program na \u0165a\u017ebu, s n\u00e1zvom XMRig, v\u0161ak nebol nijako pozmenen\u00fd. Boli do\u0148 zadan\u00e9 len \u00fadaje o cie\u013eovej virtu\u00e1lnej pe\u0148a\u017eenke, adresa mining poolu a zop\u00e1r \u010fal\u0161\u00edch argumentov.Odmena Minim\u00e1lne od m\u00e1ja si tak\u00fdmto sp\u00f4sobom pri\u0161li nezn\u00e1mi hackeri na celkom slu\u0161n\u00fd bal\u00edk pe\u0148az\u00ed. Hodnota takejto botnetmi (skupina infikovan\u00fdch po\u010d\u00edta\u010dov) vygenerovanej odmeny siahala v prepo\u010dte a\u017e k 63 000 americk\u00fdch dol\u00e1rov (pribli\u017ene 54 tis\u00edc eur). Pokia\u013e teda prev\u00e1dzkovatelia nechc\u00fa umo\u017eni\u0165 \u00fato\u010dn\u00edkom pri\u017eivi\u0165 sa na ich serveroch, mali by si \u010do najsk\u00f4r stiahnu\u0165 ofici\u00e1lny patch, ktor\u00fd ich ochr\u00e1ni.                                                                                                                                                                                                                                                                                                                                                                                                 "},{"@context":"https:\/\/schema.org\/","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Hackeri vydolovali zo severov peniaze","item":"https:\/\/www.veritel.sk\/hackeri-vydolovali-zo-severov-peniaze\/#breadcrumbitem"}]}]