{"id":2104,"date":"2014-03-28T11:30:02","date_gmt":"2014-03-28T10:30:02","guid":{"rendered":"http:\/\/preventista.sk\/info\/?p=2104"},"modified":"2014-03-28T11:34:21","modified_gmt":"2014-03-28T10:34:21","slug":"skodliva-operacia-windigo","status":"publish","type":"post","link":"https:\/\/preventista.sk\/info\/skodliva-operacia-windigo\/","title":{"rendered":"\u0160kodliv\u00e1 oper\u00e1cia Windigo"},"content":{"rendered":"

\u0160kodliv\u00e1 oper\u00e1cia Windigo zneu\u017e\u00edva 25-tis\u00edc serverov, ohrozen\u00fdch je 500-tis\u00edc po\u010d\u00edta\u010dov<\/b><\/p>\n

Bezpe\u010dnostn\u00ed v\u00fdskumn\u00edci zo slovenskej antiv\u00edrusovej spolo\u010dnosti ESET objavili spolu so zahrani\u010dn\u00fdm bezpe\u010dnostn\u00fdmi organiz\u00e1ciami rozsiahlu kybernetick\u00fa krimin\u00e1lnu \u010dinnos\u0165, ktor\u00e1 celosvetovo prevzala kontrolu nad viac ne\u017e 25-tis\u00edckami serverov. Nieko\u013eko z nich sa nach\u00e1dza aj na Slovensku a v \u010ceskej republike.<\/p>\n

\"ESET<\/a>

Krajiny napadnut\u00e9 \u0161kodliv\u00fdm k\u00f3dom Windigo.<\/p><\/div>\n

\u00datok, ktor\u00fd bezpe\u010dnostn\u00ed experti pomenovali \u201coper\u00e1cia Windigo\u201d, mal za n\u00e1sledok infikovanie serverov, ktor\u00e9 rozosielali mili\u00f3ny spamov\u00fdch e-mailov. Komplexn\u00e1 skupina sofistikovan\u00fdch komponentov \u0161kodliv\u00e9ho k\u00f3du bola vytvoren\u00e1 na prevzatie kontroly nad servermi, infikovanie po\u010d\u00edta\u010dov, ktor\u00e9 ich nav\u0161t\u00edvia a na kr\u00e1de\u017e inform\u00e1ci\u00ed.<\/p>\n

\u201cWindigo naberal na sile viac ne\u017e dva a pol roka a moment\u00e1lne m\u00e1 pod kontrolou 10-tis\u00edc serverov,\u201d hovor\u00ed Marc-\u00c9tienne L\u00e9veill\u00e9, bezpe\u010dnostn\u00fd v\u00fdskumn\u00edk spolo\u010dnosti ESET. \u201cDenne je na e-mailov\u00e9 \u00fa\u010dty nevinn\u00fdch internetov\u00fdch pou\u017e\u00edvate\u013eov t\u00fdmto sp\u00f4sobom odoslan\u00fdch viac ne\u017e 35 mili\u00f3nov spamov\u00fdch e-mailov. Zaberaj\u00fa im e-mailov\u00e9 schr\u00e1nky a vystavuj\u00fa ich syst\u00e9my riziku. E\u0161te hor\u0161ie v\u0161ak je, \u017ee ka\u017ed\u00fd de\u0148 sa riziku vystavuje pol mili\u00f3na po\u010d\u00edta\u010dov, ktor\u00e9 nav\u0161tevuj\u00fa webstr\u00e1nky infikovan\u00e9 \u0161kodliv\u00fdm k\u00f3dom zameran\u00fdm na webov\u00e9 servery. Tento \u0161kodliv\u00fd k\u00f3d na ne umiestnili tvorcovia oper\u00e1cie Windigo, po\u010d\u00edta\u010de s\u00fa t\u00fdmto sp\u00f4sobom presmerovan\u00e9 na \u0161kodliv\u00e9 exploit sady a reklamu,\u201d vysvet\u013euje L\u00e9veill\u00e9.<\/p>\n

\"ESET<\/a>

\u0160tatistika obet\u00ed pod\u013ea opera\u010dn\u00e9ho syst\u00e9mu.<\/p><\/div>\n

 <\/p>\n

\"ESET<\/p>\n

Zauj\u00edmav\u00e9 je, \u017ee Windigom zasiahnut\u00e9 webstr\u00e1nky sa pok\u00fa\u0161aj\u00fa infikova\u0165 po\u010d\u00edta\u010de s Windowsom cez exploit sadu, pou\u017e\u00edvate\u013eom Macov v\u0161ak pods\u00favaj\u00fa reklamu na zoznamovacie webstr\u00e1nky a majitelia iPhonov s\u00fa presmerov\u00e1van\u00ed na str\u00e1nky s pornografick\u00fdm obsahom.<\/p>\n

Viac ne\u017e 60 percent webstr\u00e1nok na celom svete be\u017e\u00ed na linuxov\u00fdch serveroch. V\u00fdskumn\u00edci ESETu, ktor\u00ed Windigo pomenovali pod\u013ea m\u00fdtick\u00e9ho stvorenia severoamerick\u00fdch Indi\u00e1nov Alqonquinov pre jeho kanibalistick\u00e9 sklony, apeluj\u00fa na administr\u00e1torov unixov\u00fdch syst\u00e9mov a webmasterov, aby vo svojich syst\u00e9moch zadali nasledovn\u00fd pr\u00edkaz, ktor\u00fd im povie, \u010di boli ich servery skompromitovan\u00e9:<\/p>\n

$ ssh -G 2>&1 | grep -e illegal -e unknown > \/dev\/null && echo „System clean“ || echo „System infected“<\/p>\n

 <\/p>\n

 <\/p>\n

Ak syst\u00e9mov\u00ed administr\u00e1tori zistia, \u017ee ich syst\u00e9my s\u00fa infikovan\u00e9, je im odporu\u010den\u00e9 vymaza\u0165 zasiahnut\u00e9 po\u010d\u00edta\u010de a prein\u0161talova\u0165 opera\u010dn\u00fd syst\u00e9m a softv\u00e9r. Je d\u00f4le\u017eit\u00e9, aby boli pou\u017eit\u00e9 nov\u00e9 hesl\u00e1 a priv\u00e1tne \u0161ifrovacie k\u013e\u00fa\u010de. Existuj\u00face musia by\u0165 pova\u017eovan\u00e9 za skompromitovan\u00e9.<\/p>\n

Pre vy\u0161\u0161iu \u00farove\u0148 ochrany pri vstupe do syst\u00e9mov by mali syst\u00e9mov\u00ed a web administr\u00e1tori zv\u00e1\u017ei\u0165 pou\u017eitie technol\u00f3gie dvojfaktorovej autentifik\u00e1cie.<\/p>\n

\u201cUvedomujeme si, \u017ee premaza\u0165 server a za\u010da\u0165 od za\u010diatku m\u00f4\u017ee by\u0165 horkou pilulkou. Ak v\u0161ak hackeri ukradli va\u0161e administr\u00e1torsk\u00e9 loginy a maj\u00fa vzdialen\u00fd pr\u00edstup k va\u0161im serverom, nem\u00f4\u017eete riskova\u0165,\u201d vysvet\u013euje L\u00e9veill\u00e9. \u201cSme v kontakte s niektor\u00fdmi obe\u0165ami tohto \u00fatoku, ktor\u00e9 vedia, \u017ee s\u00fa infikovan\u00e9. Pre vy\u010distenie svojich syst\u00e9mov v\u0161ak bohu\u017eia\u013e ni\u010d nespravili, \u010do m\u00f4\u017ee potenci\u00e1lnemu riziku vystavi\u0165 e\u0161te viac internetov\u00fdch pou\u017e\u00edvate\u013eov.\u201d<\/p>\n

V\u0161etk\u00fdm pou\u017e\u00edvate\u013eom internetu ESET pripom\u00edna, aby jedno heslo nepou\u017e\u00edvali do viacer\u00fdch syst\u00e9mov a aby si ako heslo nevyberali \u013eahko uh\u00e1dnute\u013en\u00fd re\u0165azec.<\/p>\n

\"ESET<\/a>

\u0160tatistika obet\u00ed pod\u013ea prehliada\u010dov.<\/p><\/div>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Bezpe\u010dnostn\u00ed v\u00fdskumn\u00edci zo slovenskej antiv\u00edrusovej spolo\u010dnosti ESET objavili spolu so zahrani\u010dn\u00fdm bezpe\u010dnostn\u00fdmi organiz\u00e1ciami rozsiahlu kybernetick\u00fa krimin\u00e1lnu \u010dinnos\u0165, ktor\u00e1 celosvetovo prevzala kontrolu nad viac ne\u017e 25-tis\u00edckami serverov. Nieko\u013eko z nich sa nach\u00e1dza aj na Slovensku a v \u010ceskej republike.<\/p>\n","protected":false},"author":1,"featured_media":1957,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4],"tags":[32,43,45],"class_list":["post-2104","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-itbezp","tag-bezpecnost","tag-eset","tag-navod"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2013\/08\/eset-2.jpg?fit=700%2C400&ssl=1","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":4993,"url":"https:\/\/preventista.sk\/info\/manipulativne-podvody\/","url_meta":{"origin":2104,"position":0},"title":"Manipulat\u00edvne podvody","author":"J. Oster","date":"10. okt\u00f3bra 2022","format":false,"excerpt":"Denne virtu\u00e1lnym i fyzick\u00fdm svetom prebehn\u00fa r\u00f4zne typy manipulat\u00edvnych podvodov, kedy sa \u00fato\u010dn\u00edci sna\u017eia potenci\u00e1lnu obe\u0165 po\u010das vz\u00e1jomnej komunik\u00e1cie zmanipulova\u0165 tak, aby bola ochotn\u00e1 spolupracova\u0165 a vykonala to \u010do od nej \u00fato\u010dn\u00edk o\u010dak\u00e1va (teda nasledovala jeho pokyny). Z\u00e1merom \u00fato\u010dn\u00edka b\u00fdva obvykle dosiahnu\u0165 aby potenci\u00e1lna obe\u0165 nie\u010do vykonala, nie\u010do poskytla ako\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/10\/phishing-SP-26032021.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/10\/phishing-SP-26032021.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2022\/10\/phishing-SP-26032021.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":2885,"url":"https:\/\/preventista.sk\/info\/falosne-android-aplikacie-nasli-sposob-ako-obist-ochrannu-technologiu-googlu\/","url_meta":{"origin":2104,"position":1},"title":"Falo\u0161n\u00e9 android aplik\u00e1cie na\u0161li sp\u00f4sob, ako ob\u00eds\u0165 ochrann\u00fa technol\u00f3giu Googlu","author":"T.Paulus","date":"14. okt\u00f3bra 2015","format":false,"excerpt":"Falo\u0161n\u00e9 android aplik\u00e1cie na\u0161li sp\u00f4sob, ako ob\u00eds\u0165 ochrann\u00fa technol\u00f3giu Googlu Slovensk\u00e1 bezpe\u010dnostn\u00e1 spolo\u010dnos\u0165 ESET analyzovala falo\u0161n\u00e9 android aplik\u00e1cie, ktor\u00e9 sa nach\u00e1dzali priamo v\u00a0digit\u00e1lnom obchode Google Play. V\u00a0\u013eu\u010foch vzbudzovali dojem, \u017ee obsahuj\u00fa cheaty do ob\u013e\u00faben\u00fdch hier a\u00a0za jedin\u00fd mesiac boli nain\u0161talovan\u00e9 viac ne\u017e 200-tis\u00edc kr\u00e1t. Aplik\u00e1cie v\u0161ak v\u00a0skuto\u010dnosti majite\u013eom android telef\u00f3nov\u2026","rel":"","context":"V "N\u00e1vody"","block_context":{"text":"N\u00e1vody","link":"https:\/\/preventista.sk\/info\/category\/navody\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/eset-bg.png?fit=700%2C400&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/eset-bg.png?fit=700%2C400&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/eset-bg.png?fit=700%2C400&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2015\/10\/eset-bg.png?fit=700%2C400&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":1185,"url":"https:\/\/preventista.sk\/info\/hesla-a-inspiracia\/","url_meta":{"origin":2104,"position":2},"title":"Hesl\u00e1 a in\u0161pir\u00e1cia","author":"Redakcia","date":"21. augusta 2013","format":false,"excerpt":"Mu\u017eov pri tvorbe hesiel in\u0161piruje \u0161port, \u017eeny zase zn\u00e1me men\u00e1 Hesl\u00e1 s\u00fa stra\u0161n\u00e1 otrava, a nie len vtedy, ke\u010f ich mus\u00edte vy\u0165uka\u0165 do svojho online bankov\u00e9ho \u00fa\u010dtu alebo ak chcete nakupova\u0165 vo svojom ob\u013e\u00fabenom digit\u00e1lnom obchode. Spolo\u010dnos\u0165 Harris Interactive spravila pre antiv\u00edrusov\u00fa spolo\u010dnos\u0165 ESET prieskum o tom, ako \u013eudia zaobch\u00e1dzaj\u00fa\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"heslo","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2013\/08\/heslo.jpg?fit=700%2C400&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2013\/08\/heslo.jpg?fit=700%2C400&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2013\/08\/heslo.jpg?fit=700%2C400&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2013\/08\/heslo.jpg?fit=700%2C400&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":5525,"url":"https:\/\/preventista.sk\/info\/cluster-kybernetickej-bezpecnosti\/","url_meta":{"origin":2104,"position":3},"title":"Cluster Kybernetickej Bezpe\u010dnosti","author":"Redakcia","date":"17. janu\u00e1ra 2024","format":false,"excerpt":"Jednou z organiz\u00e1ci\u00ed, ktor\u00e1 sa na Slovensku intenz\u00edvne venuje podpore slovensk\u00fdch \u0161k\u00f4l pre zvy\u0161ovan\u00ed kompetenci\u00ed v oblasti technickej str\u00e1nky kybernetickej bezpe\u010dnosti je Cluster Kybernetickej Bezpe\u010dnosti z Liptovsk\u00e9ho Mikul\u00e1\u0161a. Vyspovedali sme J\u00e1na Lichv\u00e1ra, predsedu tohto zdru\u017eenia a polo\u017eili sme mu p\u00e1r ot\u00e1zok. Cluster kybernetickej bezpe\u010dnosti, m\u00f4\u017eete n\u00e1m p\u00e1r slovami pribl\u00ed\u017ei\u0165 \u010do\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2023\/12\/ckb-logo-02.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":2130,"url":"https:\/\/preventista.sk\/info\/boli-sme-pri-tom-eset-security-days-2014\/","url_meta":{"origin":2104,"position":4},"title":"Boli sme pri tom: ESET Security Days 2014","author":"Redakcia","date":"2. m\u00e1ja 2014","format":false,"excerpt":"D\u0148a 7.4.2014 sa v Bratislave konala konferencia ESET Security Days 2014. Preventista tam samozrejme nemohol ch\u00fdba\u0165. Rie\u0161ili sa ot\u00e1zky digit\u00e1lnej bezpe\u010dnosti a pr\u00e1va, mohli sme hlb\u0161ie nahliadnu\u0165 do mnoh\u00fdch legislat\u00edvnych zmien\u00a0a tie\u017e sme si osvie\u017eili vedomosti o dvojfaktorovej autentifik\u00e1cii a \u0161ifrovan\u00ed. V z\u00e1vere konferencie sme boli svedkami panelovej debaty, ktorej\u2026","rel":"","context":"V "Bezpe\u010dnos\u0165"","block_context":{"text":"Bezpe\u010dnos\u0165","link":"https:\/\/preventista.sk\/info\/category\/itbezp\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2014\/05\/adsf.jpg?fit=690%2C392&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2014\/05\/adsf.jpg?fit=690%2C392&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2014\/05\/adsf.jpg?fit=690%2C392&ssl=1&resize=525%2C300 1.5x"},"classes":[]},{"id":5179,"url":"https:\/\/preventista.sk\/info\/o-kybernetickej-bezpecnosti-nestaci-len-rozpravat-alias-krst-nasej-ucebnice\/","url_meta":{"origin":2104,"position":5},"title":"O kybernetickej bezpe\u010dnosti nesta\u010d\u00ed len rozpr\u00e1va\u0165 alias krst na\u0161ej u\u010debnice","author":"Redakcia","date":"22. marca 2023","format":false,"excerpt":"O kybernetickej bezpe\u010dnosti nesta\u010d\u00ed len rozpr\u00e1va\u0165 OZ Preventista a\u00a0spolo\u010dnos\u0165 ESET \u00a0spolo\u010dn\u00fdmi silami pripravili\u00a0krst druhej \u010dasti \u00faspe\u0161nej U\u010debnice informa\u010dnej bezpe\u010dnosti pre stredn\u00e9 \u0161koly a gymn\u00e1zi\u00e1, ktorej cie\u013eom je poskytn\u00fa\u0165 kvalitn\u00fd \u0161tudijn\u00fd materi\u00e1l pre vyu\u010dovania informa\u010dnej bezpe\u010dnosti ako ucelen\u00e9ho predmetu na stredn\u00fdch \u0161kol\u00e1ch. U\u010debnicu pokrst\u00ed COO spolo\u010dnosti ESET, Pavel Luka, za pr\u00edtomnosti\u2026","rel":"","context":"V "Akcie"","block_context":{"text":"Akcie","link":"https:\/\/preventista.sk\/info\/category\/akcie\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/preventista.sk\/info\/wp-content\/uploads\/2023\/01\/NovaKniha_kniha.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/posts\/2104","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/comments?post=2104"}],"version-history":[{"count":2,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/posts\/2104\/revisions"}],"predecessor-version":[{"id":2111,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/posts\/2104\/revisions\/2111"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/media\/1957"}],"wp:attachment":[{"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/media?parent=2104"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/categories?post=2104"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/preventista.sk\/info\/wp-json\/wp\/v2\/tags?post=2104"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}