{"id":147006,"date":"2017-05-05T11:36:30","date_gmt":"2017-05-05T11:36:30","guid":{"rendered":"https:\/\/bm.dev.synology.me\/?p=147006"},"modified":"2017-05-05T11:36:30","modified_gmt":"2017-05-05T11:36:30","slug":"bitdefender-a-identificat-prima-amenintare-cibernetica-pentru-spionaj-creata-cu-instrumente-disponibile-la-liber-pe-internet","status":"publish","type":"post","link":"https:\/\/bm.dev.synology.me\/?p=147006","title":{"rendered":"Bitdefender a identificat prima amenin\u0163are cibernetic\u0103 pentru spionaj creat\u0103 cu instrumente disponibile la liber pe internet"},"content":{"rendered":"<p>\nAmenin\u0163area denumit\u0103 Netrepser folose\u015fte mecanisme avansate de phishing (tehnici de \u00een\u015fel\u0103ciuni informatice) \u015fi are misiunea principal\u0103 s\u0103 colecteze informa\u0163ii pe care s\u0103 le sustrag\u0103 \u00een mod sistematic, ceea ce demonstreaz\u0103 c\u0103 atacul ar face parte dintr-o ampl\u0103 campanie de spionaj. Speciali\u015ftii Bitdefender sus\u0163in c\u0103 Netrepser nu a vizat mase, ci a afectat un num\u0103r limitat de terminale apar\u0163in\u00e2nd unor adrese IP marcate ca \u0163inte sensibile, majoritatea victimelor fiind agen\u0163ii sau institu\u0163ii guvernamentale.<\/p>\n<p>\nNetrepser folose\u015fte diverse metode pentru a fura informa\u0163ii, de la interceptarea tastelor p\u00e2n\u0103 la furtul de parole \u015fi de cookie-uri (informa\u0163ii salvate local de un calculator la navigarea \u00een Internet), \u015fi este mascat\u0103 \u00eentr-un set de aplica\u0163ii legitime dar controversate, furnizate de compania NirSoft. Aplica\u0163iile NirSoft sunt folosite de regul\u0103 pentru recuperarea parolelor \u015fi pentru monitorizarea traficului din re\u0163ea, folosind o interfa\u0163\u0103 \u00een linie de comand\u0103 care poate rula chiar \u015fi pe ascuns. De mult timp \u00eens\u0103, companiile de securitate informatic\u0103 au avertizat c\u0103 instrumentele dezvoltate de NirSoft reprezint\u0103 poten\u0163iale riscuri de securitate \u015fi pot fi modificate cu u\u015furin\u0163\u0103 pentru a dezvolta amenin\u0163\u0103ri informatice \u015fi, deci, comite abuzuri, potrivit unui comunicat de pres\u0103.<\/p>\n<p>\nChiar dac\u0103 Netrepser se folose\u015fte de tool-uri gratuite disponibile pe internet s\u0103 duc\u0103 la bun sf\u00e2r\u015fit anumite sarcini, complexitatea atacurilor \u015fi \u0163intele vizate arat\u0103 c\u0103 amenin\u0163area reprezint\u0103 mai mult dec\u00e2t o unealt\u0103 obi\u015fnuit\u0103.<\/p>\n<p>\n\u201eAbordarea folosit\u0103 de c\u0103tre dezvoltatorii Netreprser este extrem de neobi\u015fnuit\u0103 pentru o campanie de spionaj. Atacatorii mizeaz\u0103 pe cartea simplit\u0103\u0163ii ca s\u0103 se infiltreze \u00een mediul victimei, chiar cu riscul de a st\u00e2rni suspiciuni. Netrepser este exemplul perfect de instrument de spionaj foarte avansat care vizeaz\u0103 institu\u0163ii de calibru \u015fi colecteaz\u0103 informa\u0163ii \u00eentr-o manier\u0103 inedit\u0103. Putem spune c\u0103 este complet opusul unei amenin\u0163\u0103ri avansate persistente (APT), dat fiind c\u0103 se combin\u0103 cu instrumente gratuite de pe internet pentru a-\u015fi face misiunea\u201d, spune Bogdan Botezatu, specialist \u00een securitate cibernetic\u0103 la Bitdefender.<\/p>\n<p>\nDe\u015fi e-mailul reprezint\u0103 principalul vector prin care se infecteaz\u0103 victimele, speciali\u015ftii Bitdefender nu exclud ca anumite versiuni ale atacurilor s\u0103 foloseasc\u0103 \u015fi alte tehnici de infiltrare \u00een infrastructurile victimelor.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Speciali\u015ftii Bitdefender au identificat o amenin\u0163are cibernetic\u0103 personalizat\u0103, destinat\u0103 spionajului cibernetic, care poate fi dezvoltat\u0103 cu u\u015furin\u0163\u0103 folosind instrumente gratuite g\u0103site pe internet.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[510],"tags":[211,15977,10653,363,9632,8039,7555,32507,17365,30806,16015,7442,32766,389,32506,7470,22530,10652,10322,76,171,13302,9843,80,298,219,7745,15650,13247],"class_list":["post-147006","post","type-post","status-publish","format-standard","hentry","category-actualitate","tag-amenintare","tag-amenintari","tag-atac","tag-atacuri","tag-avansare","tag-bitdefender","tag-campanie","tag-cibernetic","tag-colectare","tag-creare","tag-denumire","tag-dezvoltare","tag-folosire","tag-furt","tag-gasire","tag-gratuit","tag-identificare","tag-informatica","tag-informatii","tag-institutii","tag-internet","tag-misiune","tag-phishing","tag-refuz","tag-reprezentare","tag-securitate","tag-specialisti","tag-spionaj","tag-victime"],"_links":{"self":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/147006","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=147006"}],"version-history":[{"count":0,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/147006\/revisions"}],"wp:attachment":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=147006"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=147006"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=147006"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}