{"id":3079,"date":"2024-11-24T00:38:27","date_gmt":"2024-11-24T00:38:27","guid":{"rendered":"https:\/\/tastycounter.net\/index.php\/2024\/11\/24\/canh-bao-chien-dich-tan-cong-ma-doc-nguy-hiem-moi-nham-vao-linux\/"},"modified":"2024-11-24T00:38:27","modified_gmt":"2024-11-24T00:38:27","slug":"canh-bao-chien-dich-tan-cong-ma-doc-nguy-hiem-moi-nham-vao-linux","status":"publish","type":"post","link":"https:\/\/tastycounter.net\/index.php\/2024\/11\/24\/canh-bao-chien-dich-tan-cong-ma-doc-nguy-hiem-moi-nham-vao-linux\/","title":{"rendered":"Warning: new dangerous malware attack campaign targeting Linux"},"content":{"rendered":"<\/p>\n<div class=\"content-detail textview\">\n<p>Experts from the security company ESET recently discovered a new Linux backdoor named WolfsBane, which is being used by the China-linked Gelsemium APT hacking group to carry out malicious activities. This is also the first recorded case of the Gelsemium group using Linux malware. The backdoor is designed to steal sensitive data, including system information, user credentials, and specific files and directories.<\/p>\n<p>WolfsBane is in fact the Linux version of Gelsevirine, a Windows backdoor that Gelsemium has used since 2014. 
The backdoor is delivered by a dropper masquerading as the \u201cstandard auth\u201d command scheduling tool. After execution, the dropper installs the WolfsBane launcher and the backdoor on the target system. The launcher is disguised as a KDE desktop component, while the backdoor is hidden as a system service.<\/p>\n<p>The WolfsBane backdoor communicates with its command-and-control (C&amp;C) server over a custom network protocol. It can run commands, download files, and upload them to the C&amp;C server. WolfsBane can also hide its presence on the system by modifying the system's configuration files.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"margin-left:auto;margin-right:auto\" src=\"https:\/\/st.quantrimang.com\/photos\/image\/holder.png\" alt=\"Warning: new dangerous malware attack campaign targeting Linux\" width=\"640\" height=\"360\" class=\"lazy\" data-src=\"https:\/\/st.quantrimang.com\/photos\/image\/2024\/11\/23\/ma-doc-nham-vao-linux1.jpg\"><\/p>\n<p>In addition to WolfsBane, ESET researchers identified another Linux backdoor, called FireWood, which is related to the Project Wood malware. Gelsemium previously used Project Wood as a Windows backdoor. FireWood is the Linux version of Project Wood and is likewise designed to steal sensitive information from the target system.<\/p>\n<p>The researchers believe the shift to Linux malware is driven by improvements in Windows endpoint security. As a result, threat actors are exploring new attack vectors, increasingly focusing on exploiting vulnerabilities in internet-facing systems, most of which run on Linux.<\/p>\n<p>The discovery of WolfsBane and FireWood is a reminder that internet-connected Linux systems are now fundamentally very vulnerable to attack. Organizations and businesses must understand the danger that Linux malware poses and adopt the necessary safety measures to protect their systems. 
This includes using strong passwords, keeping software updated, and being cautious when downloading and running specific files.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Experts from the security company ESET recently discovered a new Linux backdoor named WolfsBane, which is being used by the China-linked Gelsemium APT hacking group to carry out malicious activities. This is also the first recorded case [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3079","post","type-post","status-publish","format-standard","hentry","category-khong-phan-loai"],"_links":{"self":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts\/3079","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/comments?post=3079"}],"version-history":[{"count":0,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts\/3079\/revisions"}],"wp:attachment":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/media?parent=3079"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tastycounter.net\/in
dex.php\/wp-json\/wp\/v2\/categories?post=3079"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/tags?post=3079"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}