
The US National Security Agency (NSA) has issued a security alert about a new wave of cyberattacks against email servers, carried out by one of Russia's most advanced cyber-espionage units.
The NSA says members of Unit 74455 of the GRU Main Center for Special Technologies (GTsST), a division of the Russian military intelligence service, have attacked email servers running the Exim mail transfer agent (MTA).
Also known as "Sandworm," this group has been hacking Exim servers since August 2019 by exploiting a critical vulnerability tracked as CVE-2019-10149.
When Sandworm exploited CVE-2019-10149, the victim machine would subsequently download and execute a shell script from a Sandworm-controlled domain. This shell script would then act on the following:
Privileged users
Network security settings
SSH configuration, to allow elevated remote access
Execution of an additional script to enable follow-on exploitation
The NSA is now warning private and government organizations to update their Exim servers to version 4.93 and to look for signs of compromise.
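The following is an added example, not part of the original article or the NSA advisory: a small host check that combines the version floor named above with two items from the script's list, privileged users and SSH configuration. The sample inputs are constructed, and which `sshd_config` values count as risky is an assumption of this example.

```python
import re

MIN_EXIM = (4, 93)  # the version the article says to update to
# Assumption: sshd_config values treated as risky for this example.
RISKY_SSHD = {("permitrootlogin", "yes"), ("permitemptypasswords", "yes")}

def exim_version(banner):
    """Parse the version tuple from `exim -bV` style output."""
    m = re.search(r"Exim version (\d+(?:\.\d+)*)", banner)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def uid0_accounts(passwd_text):
    """Names of accounts with UID 0 other than root."""
    names = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 7 and fields[2] == "0" and fields[0] != "root":
            names.append(fields[0])
    return names

def risky_sshd(config_text):
    """Directives whose (keyword, value) pair is in RISKY_SSHD."""
    hits = []
    for line in config_text.splitlines():
        parts = line.split("#", 1)[0].split()  # drop trailing comments
        if len(parts) >= 2 and (parts[0].lower(), parts[1].lower()) in RISKY_SSHD:
            hits.append(parts[0] + " " + parts[1])
    return hits

def audit(banner, passwd_text, sshd_text):
    findings = []
    ver = exim_version(banner)
    if ver is None:
        findings.append("exim version not recognised")
    elif ver < MIN_EXIM:
        findings.append("exim %s is older than 4.93" % ".".join(map(str, ver)))
    findings += ["extra UID 0 account: " + n for n in uid0_accounts(passwd_text)]
    findings += ["sshd setting: " + s for s in risky_sshd(sshd_text)]
    return findings

# Constructed sample inputs, not taken from any real host.
SAMPLE_BANNER = "Exim version 4.91 #2 built 10-Apr-2019 09:12:34"
SAMPLE_PASSWD = ("root:x:0:0:root:/root:/bin/bash\n"
                 "mail:x:8:8:mail:/var/mail:/usr/sbin/nologin\n"
                 "svc_example:x:0:0::/home/svc_example:/bin/bash\n")
SAMPLE_SSHD = "Port 22\nPermitRootLogin yes\nPasswordAuthentication no\n"

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_BANNER, SAMPLE_PASSWD, SAMPLE_SSHD)))
```

On a real host the three inputs would come from `exim -bV`, `/etc/passwd` and the active `sshd_config`; an empty result only means these particular checks found nothing.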
The Sandworm group has been active since the mid-2000s and is believed to be the hacker group that developed the BlackEnergy malware [...] 2015 and December 2016, as well as the group that developed the NotPetya ransomware, which caused millions of rand in damage to companies all over the world.
It is currently considered one of the two most advanced Russian state-sponsored groups, together with Turla.