Sarwent malware opens RDP ports on infected computers

Security researchers have found malware that opens remote desktop ports in the firewall. The RDP (Remote Desktop) ports are opened, which makes it easy for attackers to abuse them later.

The Sarwent malware has been in use since 2018. In early 2020 Vitali Kremez posted a tweet about the Sarwent malware, but little information about Sarwent is available online.

It is not known how Sarwent is distributed; it is believed that Sarwent is spread through other malware, possibly through botnets.

What is known about Sarwent is that, after infection, the malware creates a new Windows user account on the computer and opens RDP port 3389 on the computer and in the firewall. RDP is probably opened so that the infected computer can be accessed through the newly created Windows user account.
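The behaviour described above suggests a detection: a new local account and an inbound firewall rule for port 3389 appearing on the same host within a short time. The following is an added example, not part of the original article; it correlates Windows event 4720 (user account created) with Windows Firewall event 2004 (rule added) over constructed sample events, and the flattened field names and the ten-minute window are assumptions.

```python
from datetime import datetime, timedelta

RDP_PORT = 3389
WINDOW = timedelta(minutes=10)  # assumed correlation window, tune per environment

# Constructed sample events, normalized to flat dicts (field names are assumptions).
# 4720 = Security log "A user account was created";
# 2004 = Windows Firewall log "A rule has been added".
SAMPLE_EVENTS = [
    {"time": "2020-05-20T09:00:05", "host": "WS-01", "id": 4720, "target_user": "svc_backup"},
    {"time": "2020-05-20T09:01:40", "host": "WS-01", "id": 2004, "direction": "in",
     "action": "allow", "local_ports": "3389", "rule_name": "constructed-rule"},
    {"time": "2020-05-20T10:00:00", "host": "WS-02", "id": 4720, "target_user": "new.hire"},
    {"time": "2020-05-20T14:30:00", "host": "WS-02", "id": 2004, "direction": "in",
     "action": "allow", "local_ports": "3389", "rule_name": "helpdesk-rdp"},
    {"time": "2020-05-20T11:00:00", "host": "WS-03", "id": 4720, "target_user": "temp1"},
    {"time": "2020-05-20T11:02:00", "host": "WS-03", "id": 2004, "direction": "in",
     "action": "allow", "local_ports": "8080,8443", "rule_name": "web-app"},
]

def opens_rdp(ev):
    """True if a firewall rule-added event allows inbound traffic to port 3389."""
    if ev["id"] != 2004 or ev.get("direction") != "in" or ev.get("action") != "allow":
        return False
    for part in ev.get("local_ports", "").split(","):
        part = part.strip()
        if part == str(RDP_PORT):
            return True
        if "-" in part:  # port range such as 3000-4000
            lo, hi = part.split("-", 1)
            if lo.isdigit() and hi.isdigit() and int(lo) <= RDP_PORT <= int(hi):
                return True
    return False

def correlate(events, window=WINDOW):
    """Return (host, user, rule_name) where account creation and an inbound
    RDP allow rule occur on the same host within `window` of each other."""
    events = sorted(events, key=lambda e: e["time"])
    created = [e for e in events if e["id"] == 4720]
    rules = [e for e in events if opens_rdp(e)]
    hits = []
    for c in created:
        t_c = datetime.fromisoformat(c["time"])
        for r in rules:
            if r["host"] == c["host"] and abs(datetime.fromisoformat(r["time"]) - t_c) <= window:
                hits.append((c["host"], c["target_user"], r["rule_name"]))
    return hits
```

On the sample data only WS-01 is flagged: WS-02 opens RDP hours after the account was created, and WS-03 adds a rule for unrelated ports.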

Sarwent IP addresses, MD5 hashes, and domains are known; these details have been published as IOCs (indicators of compromise) so that organizations can detect Sarwent.

Max Reisler

Hello! I'm Max, part of our malware removal team. Our mission is to stay alert to evolving malware threats. Through our blog, we keep you up to date on the latest malware and computer virus dangers, and equip you with the tools to protect your devices. Your support in spreading this valuable information across social media is invaluable in our collective effort to protect others.
