{"id":7748,"date":"2023-05-11T13:59:33","date_gmt":"2023-05-11T13:59:33","guid":{"rendered":"https:\/\/texnokun.uz\/?p=7748"},"modified":"2023-06-16T14:07:13","modified_gmt":"2023-06-16T14:07:13","slug":"dragos-axborot-xavfsizligi-kompaniyasi-xakerlik-hujumi-haqida-xabar-berdi","status":"publish","type":"post","link":"https:\/\/texnokun.uz\/?p=7748","title":{"rendered":"Information security company Dragos reports a hacking attack"},"content":{"rendered":"\n<p class=\"has-medium-font-size wp-block-paragraph\">Dragos, an industrial cybersecurity company, said that a known hacking group tried to breach its defenses and get into its internal network in order to deploy ransomware.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\">According to the specialists, the attackers were unable to get into the company&#8217;s network, but they did gain access to the SharePoint cloud service and the company&#8217;s contract management system.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"has-medium-font-size wp-block-paragraph\"><em>\u201cOn May 8, 2023, a known cybercriminal group attempted a ransomware attack against Dragos but failed. 
No Dragos systems, including those related to the Dragos platform, were breached,\u201d the company&#8217;s statement says.<\/em><\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><em>&#8220;The criminal group gained access by compromising the personal email address of a new sales employee (before their start date), and then [the criminals] used that personal information to impersonate a Dragos employee and carried out the first steps on their behalf<\/em>.&#8221;<\/p>\n<\/blockquote>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\">Reportedly, after SharePoint was compromised, the attackers downloaded &#8220;general-use data&#8221; and gained access to 25 reports available only to customers.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\">Having gained access to the employee&#8217;s account, the attackers spent 16 hours trying to get into several Dragos systems but failed because of RBAC (role-based access control) rules. Among those systems were the messaging system, the help desk, the finance system, the request for proposal system, the employee recognition system, and the marketing systems.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\">Having failed to get into the company&#8217;s internal network, the attackers sent an extortion message to Dragos executives 11 days after the attack began. 
The message was read 5 hours later because it had been sent outside business hours.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\">Within five minutes of reading the extortion message, Dragos disabled the account, revoked all active sessions, and blocked the attackers&#8217; access to company resources.<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"739\" data-id=\"7749\" src=\"https:\/\/texnokun.uz\/wp-content\/uploads\/2023\/05\/time-line-768x739-1.png\" alt=\"\" class=\"wp-image-7749\" srcset=\"https:\/\/texnokun.uz\/wp-content\/uploads\/2023\/05\/time-line-768x739-1.png 768w, https:\/\/texnokun.uz\/wp-content\/uploads\/2023\/05\/time-line-768x739-1-300x289.png 300w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/><\/figure>\n<\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Incident timeline<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"has-medium-font-size wp-block-paragraph\"><em>\u201cWe are confident that our layered security controls prevented the attackers from achieving their primary objective of launching ransomware. 
They were also unable to move laterally, establish persistent access, or make any changes to the infrastructure,\u201d the head of the company says.<\/em><\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><em>\u201cAlthough the outside firm handling the aftermath of the incident and Dragos analysts consider the incident contained, the investigation is ongoing. The stolen data may be made public, because we decided not to pay the extortionists.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">Bleeping Computer<\/mark> notes that one of the IP addresses Dragos listed among the indicators of compromise (144.202.42[.]216) was previously linked to hosting the SystemBC and Cobalt Strike malware, which are used by <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">ransomware<\/mark> operators for remote access to compromised systems.<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\">Equinix researchers told the publication that SystemBC has been used by many ransomware groups, such as Conti, ViceSociety, BlackCat, Quantum, Zeppelin and Play, so it is hard to say who is behind the attack on Dragos. 
In particular, the experts also noted that this IP address was used in recent BlackBasta attacks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Source used: <a href=\"https:\/\/xakep.ru\/2023\/05\/11\/dragos-attack\/\">&#8220;Information security company Dragos reports a hacking attack&#8221;<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to the specialists, the attackers were unable to get into the company&#8217;s network, but they did gain access to the SharePoint cloud service and the company&#8217;s contract management system.<\/p>\n","protected":false},"author":18,"featured_media":8071,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[92],"tags":[311,312],"class_list":["post-7748","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-yangiliklar","tag-dragos","tag-xakerlik-hujumi"],"_links":{"self":[{"href":"https:\/\/texnokun.uz\/index.php?rest_route=\/wp\/v2\/posts\/7748","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/texnokun.uz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/texnokun.uz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/texnokun.uz\/index.php?rest_route=\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/texnokun.uz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7748"}],"version-history":[{"count":8,"href":"https:\/\/texnokun.uz\/index.php?rest_route=\/wp\/v2\/posts\/7748\/revisions"}],"predecessor-version":[{"id":8632,"href":"https:\/\/texnokun.uz\/index.php?rest_route=\/wp\/v2\/posts\/7748\/revisions\/8632"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/texnokun.uz\/index.php?rest_route=\/wp\/v2\/media\/8071"}],"wp:attachment":[{"h
ref":"https:\/\/texnokun.uz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7748"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/texnokun.uz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7748"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/texnokun.uz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7748"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}