{"id":124226,"date":"2015-07-09T12:11:30","date_gmt":"2015-07-09T12:11:30","guid":{"rendered":"https:\/\/bm.dev.synology.me\/?p=124226"},"modified":"2015-07-09T12:11:30","modified_gmt":"2015-07-09T12:11:30","slug":"un-virus-bancar-ataca-si-clientii-bancilor-din-romania","status":"publish","type":"post","link":"https:\/\/bm.dev.synology.me\/?p=124226","title":{"rendered":"Un virus bancar atac\u0103 \u015fi clien\u0163ii b\u0103ncilor din Rom\u00e2nia"},"content":{"rendered":"<p>\nUn nou val de mesaje ce con\u0163in virusul bancar Dyre vizeaz\u0103 clien\u0163i ai institu\u0163iilor financiare din mai multe \u0163\u0103ri, printre care \u015fi Rom\u00e2nia, informeaz\u0103 speciali\u015ftii produc\u0103torului de solu\u0163ii de securitate IT Bitdefender. Odat\u0103 instalat, virusul fur\u0103 datele de autentificare la serviciile de e-banking. B\u0103ncile locale vizate au o cot\u0103 de pia\u0163\u0103 cumulat\u0103 de circa 40%.<\/p>\n<p>\nUtilizatorii de servicii de e-banking sunt invita\u0163i s\u0103 descarce un fi\u015fier mali\u0163ios de tip arhiv\u0103 con\u0163in\u00e2nd un executabil, care provine de la un consultant fiscal. Mesajul pretinde a fi o continuare a unei discu\u0163ii purtate anterior \u015fi le sugereaz\u0103 clien\u0163ilor s\u0103 descarce cu prioritate fi\u015fierul pentru a finaliza o tranzac\u0163ie financiar\u0103. Un al doilea mesaj sus\u0163ine c\u0103 trimite documenta\u0163ia financiar\u0103 a clientului \u015fi \u00eei cere s\u0103 verifice autenticitatea tranzac\u0163iilor. Al treilea mesaj informeaz\u0103 clientul despre sanc\u0163iuni contraven\u0163ionale impuse companiei pe care o de\u0163ine, invit\u00e2ndu-l s\u0103 ia la cuno\u015ftin\u0163\u0103 lista abaterilor.<\/p>\n<p>\nFi\u015fierul .exe descarc\u0103 \u015fi activeaz\u0103 virusul bancar Dyreza, cunoscut \u015fi sub denumirea Dyre. Observat pentru prima dat\u0103 anul trecut, virusul Dyre este foarte asem\u0103n\u0103tor cu celebrul troian bancar Zeus. Se instaleaz\u0103 pe computerul utilizatorului \u015fi devine activ doar c\u00e2nd utilizatorul \u00ee\u015fi introduce creden\u0163ialele pe un site specific, de cele mai multe ori \u00een pagina de autentificare a unei institu\u0163ii bancare. Prin intermediul unui atac de tip man-in-the-browser, hackerii injecteaz\u0103 cod Javascript mali\u0163ios, ce le permite s\u0103 fure creden\u0163ialele de atutentificare sau s\u0103 efectueze opera\u0163iuni neautorizate \u00een cont.<\/p>\n<p>\nAtacul vizeaz\u0103 si clien\u0163i ai unor reputate instutu\u0163ii financiare \u015fi bancare din Statele Unite ale Americii, Marea Britanie, Germania, Australia \u015fi Fran\u0163a. Potrivit Bitdefender Labs, 19.000 de mii de e-mailuri au fost trimise \u00een trei zile de pe servere din SUA, Taiwan, Hong Kong, Danemarca, Rusia, China, Coreea de Sud, Marea Britanie, Australia.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Un nou val de mesaje ce con\u0163in virusul bancar Dyre vizeaz\u0103 clien\u0163i ai institu\u0163iilor financiare din mai multe \u0163\u0103ri, printre care \u015fi Rom\u00e2nia, informeaz\u0103 speciali\u015ftii produc\u0103torului de solu\u0163ii de securitate IT Bitdefender. Odat\u0103 instalat, virusul fur\u0103 datele de autentificare la serviciile de e-banking. B\u0103ncile locale vizate au o cot\u0103 de pia\u0163\u0103 cumulat\u0103 de circa 40%. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[510],"tags":[10653,16894,7267,8039,4126,9637,14767,11056,389,76,98,15,11605],"class_list":["post-124226","post","type-post","status-publish","format-standard","hentry","category-actualitate","tag-atac","tag-australia","tag-banci","tag-bitdefender","tag-clienti","tag-continut","tag-coreea-de-sud","tag-financiar","tag-furt","tag-institutii","tag-romania","tag-servicii","tag-virus"],"_links":{"self":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/124226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=124226"}],"version-history":[{"count":0,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/124226\/revisions"}],"wp:attachment":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=124226"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=124226"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=124226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}