{"id":6860,"date":"2023-01-16T08:00:00","date_gmt":"2023-01-16T05:00:00","guid":{"rendered":"https:\/\/rockvell.com\/?p=6860"},"modified":"2023-01-16T10:41:11","modified_gmt":"2023-01-16T07:41:11","slug":"2022-ci-ilin-4-cu-rubund%c9%99-700-d%c9%99n-cox-sirk%c9%99t-h%c9%99d%c9%99fli-fidy%c9%99-kriptoqraflarinin-hucumuna-m%c9%99ruz-qalib","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=6860","title":{"rendered":"2022-ci ilin 4-c\u00fc r\u00fcb\u00fcnd\u0259 700-d\u0259n \u00e7ox \u015firk\u0259t h\u0259d\u0259fli fidy\u0259 kriptoqraflar\u0131n\u0131n h\u00fccumuna m\u0259ruz qal\u0131b"},"content":{"rendered":"\n

2022-ci ilin 4-c\u00fc r\u00fcb\u00fcnd\u0259 700-d\u0259n \u00e7ox \u015firk\u0259t h\u0259d\u0259fli fidy\u0259 kriptoqraflar\u0131n\u0131n h\u00fccumuna m\u0259ruz qal\u0131b<\/strong><\/p>\n\n\n\n

Kaspersky-nin m\u0259lumat\u0131na g\u00f6r\u0259 2022-ci ilin d\u00f6rd\u00fcnc\u00fc r\u00fcb\u00fcnd\u0259 d\u00fcnya \u00fczr\u0259 \u0259n az\u0131 730 t\u0259\u015fkilat h\u0259d\u0259fli fidy\u0259 proqram\u0131 h\u00fccumlar\u0131na m\u0259ruz qal\u0131b. H\u00fccumlar\u0131n yar\u0131s\u0131n\u0131n arxas\u0131nda f\u0259aliyy\u0259tl\u0259ri Kaspersky Threat Intelligence komandas\u0131n\u0131n “\u0130yr\u0259nc s\u0259kkizlik: Fidy\u0259 Proqram\u0131 H\u00fccumlar\u0131 Qruplar\u0131n\u0131n Texnikalar\u0131, Taktikalar\u0131 v\u0259 Prosedurlar\u0131 (TTP)<\/a>” adl\u0131 analitik hesabat\u0131nda t\u0259svir edil\u0259n s\u0259kkiz b\u00f6y\u00fck qrup dayan\u0131r,. Hal-haz\u0131rda, Clop (TA 505), Hive, Lockbit, RagnarLocker, BlackByte v\u0259 BlackCat \u0259n aktiv olaraq qal\u0131r, sonuncu ikisi is\u0259 2021-ci ilin pay\u0131z\u0131ndan etibar\u0259n h\u00fccumlarda i\u015ftirak edir.<\/p>\n\n\n

\n
\"\"<\/figure><\/div>\n\n\n

\u018fn \u00e7ox h\u00fccum LockBit t\u0259r\u0259find\u0259n h\u0259yata ke\u00e7irilib: fidy\u0259 kriptoqraf\u0131n\u0131n m\u00f6vcud oldu\u011fu b\u00fct\u00fcn d\u00f6vr \u0259rzind\u0259 onun qurbanlar\u0131n\u0131n say\u0131 mini ke\u00e7ib. Qrupun h\u0259d\u0259fl\u0259ri aras\u0131nda aviasiya, enerji, konsaltinq xidm\u0259tl\u0259ri sah\u0259l\u0259rini t\u0259msil ed\u0259n \u015firk\u0259tl\u0259ri var. Qurbanlar\u0131n co\u011frafiyas\u0131 da m\u00fcxt\u0259lifdir: AB\u015e, \u00c7in, Hindistan, \u0130ndoneziya, h\u0259m\u00e7inin M\u0259rk\u0259zi v\u0259 \u015eimal-Q\u0259rbi Avropa \u00f6lk\u0259l\u0259ri. Operatorlar qurban\u0131n infrastrukturunda “i\u015fl\u0259m\u0259k” fidy\u0259\u00e7il\u0259r \u00fc\u00e7\u00fcn standart hesab edil\u0259n ilkin n\u00fcfuz vektorlar\u0131ndan v\u0259 utilitl\u0259rd\u0259n istifad\u0259 edirl\u0259r. \u0130lkin giri\u015f \u0259ld\u0259 etm\u0259k \u00fc\u00e7\u00fcn \u0259n \u00e7ox RDP protokollar\u0131 v\u0259 ya z\u0259iflik istismar\u0131 vasit\u0259l\u0259rin\u0259, \u015f\u0259b\u0259k\u0259 daxilind\u0259ki f\u0259aliyy\u0259tl\u0259r \u00fc\u00e7\u00fcn is\u0259 PsExec, Empire, Mimikatz al\u0259tl\u0259rin\u0259 m\u00fcraci\u0259t olunur.<\/p>\n\n\n\n

\u201cFidy\u0259 proqramlar\u0131 \u0259sas t\u0259hl\u00fck\u0259l\u0259rd\u0259n biri olmaqda davam edir. Biz bu tip z\u0259r\u0259rli proqramlar \u00fcz\u0259rind\u0259 \u00e7oxlu analitik i\u015f aparm\u0131\u015f\u0131q v\u0259 onlar\u0131n texnika v\u0259 taktikalar\u0131n\u0131n \u0259sas\u0259n eyni oldu\u011funu v\u0259 uzun m\u00fcdd\u0259t \u0259rzind\u0259 d\u0259yi\u015film\u0259diyini a\u015fkar etmi\u015fik. Hesabat\u0131m\u0131z \u015firk\u0259tl\u0259r\u0259 bu t\u0259hl\u00fck\u0259 il\u0259 m\u00fcbariz\u0259 aparma\u011fa k\u00f6m\u0259k ed\u0259c\u0259k faydal\u0131 m\u0259lumatlarla z\u0259ngindir\u201d, – dey\u0259 Kaspersky-nin geni\u015fl\u0259ndirilmi\u015f t\u0259hdid ara\u015fd\u0131rmalar\u0131 \u015f\u00f6b\u0259sinin r\u0259hb\u0259ri Nikita Nazarov bildirir.<\/p>\n\n\n\n

Hesabat\u0131n rus dilind\u0259ki tam versiyas\u0131n\u0131 buradan oxuya bil\u0259rsiniz: https:\/\/go.kaspersky.com\/ru-ransomware-report<\/a>.<\/p>\n\n\n\n

Biznesi fidy\u0259 proqram\u0131 h\u00fccumlar\u0131ndan qorumaq \u00fc\u00e7\u00fcn Kaspersky \u015firk\u0259tl\u0259r\u0259 a\u015fa\u011f\u0131dak\u0131 t\u0259birl\u0259r\u0259 \u0259m\u0259l etm\u0259yi xat\u0131rlad\u0131r:<\/p>\n\n\n\n