{"id":275913,"date":"2022-08-05T09:25:31","date_gmt":"2022-08-05T07:25:31","guid":{"rendered":"https:\/\/zjarr.tv\/?p=275913"},"modified":"2022-08-05T09:25:31","modified_gmt":"2022-08-05T07:25:31","slug":"detaje-te-reja-nga-sulmi-i-hakerave-ndaj-serverave-te-shtetit-me-gjase-u-krye-nga-irani-perdoren-nje-program-te-panjohur-me-pare","status":"publish","type":"post","link":"https:\/\/zjarr.tv\/en\/detaje-te-reja-nga-sulmi-i-hakerave-ndaj-serverave-te-shtetit-me-gjase-u-krye-nga-irani-perdoren-nje-program-te-panjohur-me-pare\/","title":{"rendered":"New details on the hacker attack against state servers: It was likely carried out by Iran, using a previously unknown program"},"content":{"rendered":"<p>New details have come to light about the cyberattack by a group of hackers on the servers of the Albanian state.<\/p>\n<p>Researchers at the American cybersecurity firm \u201cMandiant\u201d assess \u201cwith moderate confidence\u201d that the attack was carried out by actors who have acted in support of Iranian goals.<\/p>\n<p>The attack involved a new type of \u201cransomware\u201d called Roadsweep, \u201cspyware\u201d called Chimneysweep and possibly a new variant of the \u201cmalware\u201d called Zeroclear wiper.<\/p>\n<p>The \u201cransomware\u201d used in the attack is a newly discovered tool and uses the RC4 stream cipher to encrypt files maliciously. 
In simple terms, this means that the hackers used this program to block access to documents on the servers of the Albanian state.<\/p>\n<p>Zeroclear already has a previously reported link to Iranian actors, who used it to wipe the industrial and energy sectors in the Middle East up to 2020. Zeroclear is the program the hackers claim to have used in the attack on the Albanian servers to wipe documents.<\/p>\n<p>If Iranian hackers were involved, a politically motivated disruption of citizen services in a NATO member state \u201cwould be an extraordinarily malicious operation\u201d, says the cybersecurity company Mandiant. 
Especially with talks between Washington and Tehran on a nuclear deal stalled, it appears that \u201cIran may feel less restrained in conducting cyberattack operations going forward\u201d.<\/p>\n<p>Use of the wiper and the \u201cback door\u201d (backdoor)<\/p>\n<p>The attackers are likely to have injected spyware called Chimneysweep and possibly a new variant of the Zeroclear wiper in the attack, Mandiant says.<\/p>\n<p>Zeroclear corrupts the file system using RawDisk, a legitimate commercial driver used for interacting with files, disks and partitions.<\/p>\n<p>Mandiant could not independently prove or disprove whether the Zeroclear sample it examined had been used to attack the Albanian government's websites, but says it had previously been reported to have links to Iranian actors.<\/p>\n<p>The content of Chimneysweep's code links it to possible Iranian involvement. This program was observed in August 2021 using an image of former MEK leader Massoud Rajavi to create confusion. 
The program also shared code with another spyware application called Roadsweep that has targeted Farsi and Arabic speakers since 2021.<\/p>\n<p>The application is able to take screenshots, list and collect files and spawn a shell, and has \u201ckeylogging\u201d capability, that is, recording the keys pressed on the keyboard.<\/p>","protected":false},"excerpt":{"rendered":"<p>New details have come to light about the cyberattack by a group of hackers on the servers of the Albanian state. Researchers at the American cybersecurity firm \u201cMandiant\u201d assess \u201cwith moderate confidence\u201d that the attack was carried out by actors who have acted in support of Iranian goals. The attack involved a new type of \u201cransomware\u201d called 
[&hellip;]<\/p>\n","protected":false},"author":2031,"featured_media":275914,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[241,231,235],"tags":[],"class_list":{"0":"post-275913","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-aktualitet","8":"category-lajme","9":"category-vendi"},"_links":{"self":[{"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/posts\/275913","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/users\/2031"}],"replies":[{"embeddable":true,"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/comments?post=275913"}],"version-history":[{"count":0,"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/posts\/275913\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/media\/275914"}],"wp:attachment":[{"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/media?parent=275913"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/categories?post=275913"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zjarr.tv\/en\/wp-json\/wp\/v2\/tags?post=275913"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}