{"id":163520,"date":"2018-08-20T13:35:23","date_gmt":"2018-08-20T13:35:23","guid":{"rendered":"https:\/\/bm.dev.synology.me\/?p=163520"},"modified":"2018-08-20T13:35:23","modified_gmt":"2018-08-20T13:35:23","slug":"bitdefender-avertizeaza-asupra-unor-atacuri-informatice-avansate-asupra-bancilor-din-europa-de-est-si-rusia","status":"publish","type":"post","link":"https:\/\/bm.dev.synology.me\/?p=163520","title":{"rendered":"Bitdefender warns of advanced cyberattacks on banks in Eastern Europe and Russia"},"content":{"rendered":"<p>\n\u201cThe attacks investigated were carried out through phishing campaigns sent to banks in Eastern Europe and Russia, generally in the first part of the week, from Monday to Wednesday,\u201d says Liviu Arsene, IT security specialist at Bitdefender.<\/p>\n<p>\nSince March 2018, the phishing campaign tried to trick bank employees into clicking infected links or downloading files from emails apparently sent by someone in the organization where they worked. Once the attackers reached the targeted computer, they sought to obtain administrator privileges so they could infiltrate the company's network. The cybercriminals operated with surgical precision, which is why they infected only a small number of devices, so as to remain undetected for as long as possible. 
The ideal victims were employees with high privileges and extensive access rights in the company's IT infrastructure.<\/p>\n<p>\nTo avoid detection, the criminal group often used fileless attack techniques, such as PowerShell scripts or Cobalt Strike, as well as legitimate applications commonly used to connect to and remotely administer the victim's machine. In this case, the attackers operated outside working hours and planned to obtain the money at the weekend.<\/p>\n<p>\nThe recent FBI warning, prompted by the attack on India's Cosmos Bank, that a wave of cyberattacks could target financial and banking institutions is consistent with Bitdefender's recent findings, which raise the alert level for banks in Eastern Europe and Russia.<\/p>\n<p>\nThe preferred method in the final phase of these attacks involved remotely instructing ATMs to dispense cash at a predefined time, with members of the criminal group immediately collecting the money and transferring it to their own accounts. 
Another method was to modify the databases holding account information while they were withdrawing money.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bitdefender, a global provider of IT security solutions, recently investigated a series of advanced cyberattacks targeting financial and banking institutions, designed to covertly steal huge sums of money through coordinated attacks. During the investigation, Bitdefender specialists identified components of the Cobalt Strike arsenal, associated with the Carbanak crime group, known since 2013 for the attack on 100 banks in more than 40 countries, responsible for financial losses of more than one billion euros.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[510],"tags":[13416,10653,363,9632,7267,82,8039,8611,19553,11056,30370,22530,10652,76,7253,219],"class_list":["post-163520","post","type-post","status-publish","format-standard","hentry","category-actualitate","tag-asociere","tag-atac","tag-atacuri","tag-avansare","tag-banci","tag-bani","tag-bitdefender","tag-componente","tag-criminalitate","tag-financiar","tag-grupare","tag-identificare","tag-informatica","tag-institutii","tag-investigatie","tag-securitate"],"_links":{"self":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/163520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bm.dev.s
ynology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=163520"}],"version-history":[{"count":0,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/163520\/revisions"}],"wp:attachment":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=163520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=163520"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=163520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}