{"id":187896,"date":"2020-11-09T16:07:06","date_gmt":"2020-11-09T16:07:06","guid":{"rendered":"https:\/\/bm.dev.synology.me\/?p=187896"},"modified":"2020-11-09T16:07:06","modified_gmt":"2020-11-09T16:07:06","slug":"un-nou-virus-le-permite-hackerilor-sa-comita-fraude-bancare-prin-intermediul-telefoanelor-infectate","status":"publish","type":"post","link":"https:\/\/bm.dev.synology.me\/?p=187896","title":{"rendered":"Un nou virus le permite hackerilor s\u0103 comit\u0103 fraude bancare prin intermediul telefoanelor infectate"},"content":{"rendered":"<p>\nCercetatorii Kaspersky au descoperit un nou troian bancar. Numit Ghimob, acesta poate dezactiva op\u0163iunea de dezinstalare manual\u0103, captura date, manipula con\u0163inutul ecranului \u015fi oferi control complet, de la distan\u0163\u0103, actorilor din spatele acestuia. Potrivit exper\u0163ilor, dezvoltatorii acestui troian mobil tipic, de acces la distan\u0163\u0103 (RAT) sunt foarte concentra\u0163i asupra utilizatorilor din Brazilia, dar au planuri mari de extindere pe tot globul.<\/p>\n<p>\nTroianul bancar Ghimob atrage victimele s\u0103 instaleze fi\u015fierul r\u0103u inten\u0163ionat printr-un e-mail care sugereaz\u0103 c\u0103 persoana care \u00eel prime\u015fte are un fel de datorie. E-mailul include, de asemenea, un link care s\u0103 fie accesat de victim\u0103 pentru a putea afla mai multe informa\u0163ii. Odat\u0103 ce RAT-ul este instalat, malware-ul trimite un mesaj despre infec\u0163ia reu\u015fit\u0103 c\u0103tre serverul s\u0103u. Mesajul include modelul de telefon, dac\u0103 are sau nu activat\u0103 blocarea ecranului \u015fi o list\u0103 a tuturor aplica\u0163iilor instalate pe care malware-ul le poate afecta. \u00cen total, Ghimob poate spiona 153 de aplica\u0163ii mobile, \u00een principal de la b\u0103nci, companii fintech, criptomonede \u015fi schimburi.<\/p>\n<p>\nPractic, Ghimob este un spion in buzunarul victimei. Dezvoltatorii pot accesa de la distan\u0163\u0103 dispozitivul infectat. Chiar dac\u0103 utilizatorul folose\u015fte un sistem de blocare a ecranului, Ghimob este capabil sa \u00eel \u00eenregistreze \u015fi s\u0103 \u00eel redea pentru a debloca dispozitivul. C\u00e2nd dezvoltatorii sunt gata s\u00ee efectueze o tranzac\u0163ie frauduloas\u0103 pot introduce o suprapunere pe ecran, o imagine neagr\u0103, sau pot deschide unele site-uri web pe \u00eentregul ecran. Apoi, \u00een timp ce utilizatorul se uit\u0103 la acel ecran, dezvoltatorii efectueaz\u0103 tranzac\u0163ia frauduloas\u0103 \u00een fundal, utiliz\u00e2nd aplica\u0163ia financiar\u0103 deja deschis\u0103\u015f<\/p>\n<p>\nStatisticile Kaspersky arat\u0103 c\u0103, \u00een afara de Brazilia, obiectivele de extindere ale Ghimob au \u00een vizor Paraguay, Peru, Portugalia, Germania, Angola \u015fi Mozambic.<\/p>\n<p>\n&nbsp;<\/p>\n<p>\n&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Un nou virus le permite hackerilor s\u0103 comit\u0103 fraude bancare prin intermediul telefoanelor infectate. Descoperirea a fost f\u0103cut\u0103 de exper\u0163ii Kaspersky care au stabilit c\u0103 troianul bancar poate captura date, manipula con\u0163inutul ecranului si oferi control complet de la distan\u0163\u0103.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[510],"tags":[13594,10657,11605],"class_list":["post-187896","post","type-post","status-publish","format-standard","hentry","category-actualitate","tag-fraude","tag-kaspersky","tag-virus"],"_links":{"self":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/187896","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=187896"}],"version-history":[{"count":0,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/187896\/revisions"}],"wp:attachment":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=187896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=187896"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=187896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}