{"id":2284,"date":"2024-07-10T08:12:06","date_gmt":"2024-07-10T08:12:06","guid":{"rendered":"https:\/\/tastycounter.net\/index.php\/2024\/07\/10\/xuat-hien-ma-doc-tong-tien-moi-tan-cong-he-dieu-hanh-windows\/"},"modified":"2024-07-10T08:12:06","modified_gmt":"2024-07-10T08:12:06","slug":"xuat-hien-ma-doc-tong-tien-moi-tan-cong-he-dieu-hanh-windows","status":"publish","type":"post","link":"https:\/\/tastycounter.net\/index.php\/2024\/07\/10\/xuat-hien-ma-doc-tong-tien-moi-tan-cong-he-dieu-hanh-windows\/","title":{"rendered":"New ransomware emerges, targeting the Windows operating system"},"content":{"rendered":"<\/p>\n<div class=\"content-detail textview\">\n<p>A new ransomware service named Eldorado has emerged, offered as a service to affiliates, and is targeting Windows systems and VMware ESXi virtual machines.<\/p>\n<p>The malware has been active since March and has already hit 16 victims, mostly in the United States, operating in the real estate, education, healthcare and manufacturing sectors.<\/p>\n<p style=\"text-align:center\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/st.quantrimang.com\/photos\/image\/holder.png\" alt=\"Malware \" width=\"700\" height=\"366\" class=\"lazy\" data-src=\"https:\/\/st.quantrimang.com\/photos\/image\/2024\/07\/09\/ma-doc-700.jpg\"><\/p>\n<p>Eldorado is a new and entirely independent ransomware. It uses the Go language for cross-platform attacks. 
The malware encrypts files with the ChaCha20 algorithm, generating a unique 32-byte key and a 12-byte nonce for each locked file. The keys are then encrypted with RSA-OAEP.<\/p>\n<p>After encryption, files are given the extension &#8220;.00000001&#8221; and a ransom note named \u201cHOW_RETURN_YOUR_DATA.TXT\u201d is placed in the Documents and Desktop folders.<\/p>\n<p>Notably, Eldorado can be customized to attack specific directories. The malware is even set by default to self-delete, to avoid detection by users and analysis by incident response teams.<\/p>\n<p>To defend against ransomware in general and Eldorado in particular, experts advise users to promptly deploy the following defensive measures:<\/p>\n<ul>\n<li>Implement multi-factor authentication (MFA) and credential-based access solutions.<\/li>\n<li>Back up data regularly to minimize damage and avoid data loss.<\/li>\n<li>Regularly apply security patches to fix vulnerabilities.<\/li>\n<li>Detect and stop intrusions quickly using AI-based analytics and advanced malware detection solutions.<\/li>\n<li>Quickly identify and respond to ransomware indicators using Endpoint Detection and Response (EDR).<\/li>\n<li>Train employees to recognize and report cybersecurity threats.<\/li>\n<li>Conduct technical audits or security assessments regularly and periodically.<\/li>\n<li>Refuse to pay the ransom, since data recovery is very difficult and it can lead to more attacks.<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>A new ransomware service named Eldorado has emerged, offered as a service to affiliates, and is targeting Windows systems and VMware ESXi virtual machines. 
The malware has been active since March and has already hit 16 victims, mostly [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2285,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2284","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-khong-phan-loai"],"_links":{"self":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts\/2284","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/comments?post=2284"}],"version-history":[{"count":0,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts\/2284\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/media\/2285"}],"wp:attachment":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/media?parent=2284"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/categories?post=2284"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/tags?post=2284"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}