{"id":6501,"date":"2021-01-04T12:19:00","date_gmt":"2021-01-04T11:19:00","guid":{"rendered":"https:\/\/webhosting.de\/?p=6501"},"modified":"2025-02-19T18:54:25","modified_gmt":"2025-02-19T17:54:25","slug":"homens-machoques-linux-e-windowservers-to-monero-miners","status":"publish","type":"post","link":"https:\/\/webhosting.de\/pt\/malware-macht-linux-und-windowsserver-zu-monero-minern\/","title":{"rendered":"Malware transforma servidores Linux e Windows em mineiros Monero"},"content":{"rendered":"<p class=\"wp-block-paragraph\">Os funcion\u00e1rios da empresa de an\u00e1lise de malware Intezer t\u00eam, de acordo com uma <a href=\"https:\/\/www.intezer.com\/blog\/research\/new-golang-worm-drops-xmrig-miner-on-servers\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Publica\u00e7\u00e3o no blog<\/a>s descobriram um novo worm que ataca servidores Linux e Windows para usar seu poder computacional para extrair a moeda criptogr\u00e1fica Monero. Como regra, Monero, ao contr\u00e1rio de muitas outras moedas criptogr\u00e1ficas, n\u00e3o \u00e9 calculado com asics especiais, mas com as GPUs e CPUs convencionais. Os servidores x86 sequestrados atingem, portanto, um alto rendimento.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Segundo o Intezer, o worm \u00e9 distribu\u00eddo centralmente e controlado atrav\u00e9s de um servidor de comando e controle. Regular <a href=\"https:\/\/webhosting.de\/pt\/taegliche-updates-auf-facebook\/\">Actualiza\u00e7\u00f5es<\/a> no servidor sugere que a rede de minera\u00e7\u00e3o \u00e9 administrada por um grupo de hacking ativo.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-mysql-tomcat-und-jenkins-als-angriffsvektoren\">MySQL, Tomcat e Jenkins como vetores de ataque<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">O worm espalha-se atrav\u00e9s de interfaces de servi\u00e7os publicamente vis\u00edveis, tais como <a href=\"https:\/\/webhosting.de\/pt\/mysql\/\">MySQL<\/a>Tomcat e Jenkins (portos como 8080, 7001 e 3306). O verme tenta adivinhar senhas fracas para estes servi\u00e7os atrav\u00e9s de um ataque de for\u00e7a bruta. Inicialmente, \u00e9 utilizada uma abordagem de dicion\u00e1rio, na qual as senhas freq\u00fcentemente utilizadas s\u00e3o testadas de forma priorizada.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Uma vez que o malware tenha descoberto uma senha, ele distribui um script dropper via bash ou powerhell que instala um minerador MXRig. Al\u00e9m disso, a minhoca ent\u00e3o tenta <a href=\"https:\/\/webhosting.de\/pt\/existenzgruendung-online-chancen-und-stolpersteine\/\">independente<\/a> na rede do servidor infectado, a fim de explorar mais recursos para criptominas. Atualmente, o malware n\u00e3o \u00e9 detectado por software antiv\u00edrus e, portanto, \u00e9 muito perigoso, de acordo com a Intezer.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Portanto, apenas senhas fortes e, se poss\u00edvel, autentica\u00e7\u00e3o de dois fatores podem fornecer prote\u00e7\u00e3o. A empresa de seguran\u00e7a tamb\u00e9m recomenda desligar os servi\u00e7os que n\u00e3o est\u00e3o sendo utilizados e restringir a acessibilidade dos servi\u00e7os necess\u00e1rios do exterior. Al\u00e9m disso, de acordo com o Intezer, software que \u00e9 mantido atualizado pode muitas vezes evitar a infec\u00e7\u00e3o por malware.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>","protected":false},"excerpt":{"rendered":"<p>Um worm recentemente descoberto infiltra-se em servidores Windows e Linux para usar seu poder para minerar Monero. <\/p>","protected":false},"author":2,"featured_media":6502,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[685],"tags":[951,963,962],"class_list":["post-6501","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-allgemein","tag-hacker","tag-kryptowaehrung","tag-monero"],"acf":[],"_wp_attached_file":null,"_wp_attachment_metadata":null,"litespeed-optimize-size":null,"litespeed-optimize-set":null,"_elementor_source_image_hash":null,"_wp_attachment_image_alt":null,"stockpack_author_name":null,"stockpack_author_url":null,"stockpack_provider":null,"stockpack_image_url":null,"stockpack_license":null,"stockpack_license_url":null,"stockpack_modification":null,"color":null,"original_id":null,"original_url":null,"original_link":null,"unsplash_location":null,"unsplash_sponsor":null,"unsplash_exif":null,"unsplash_attachment_metadata":null,"_elementor_is_screenshot":null,"surfer_file_name":null,"surfer_file_original_url":null,"envato_tk_source_kit":null,"envato_tk_source_index":null,"envato_tk_manifest":null,"envato_tk_folder_name":null,"envato_tk_builder":null,"envato_elements_download_event":null,"_menu_item_type":null,"_menu_item_menu_item_parent":null,"_menu_item_object_id":null,"_menu_item_object":null,"_menu_item_target":null,"_menu_item_classes":null,"_menu_item_xfn":null,"_menu_item_url":null,"_trp_menu_languages":null,"rank_math_primary_category":"685","rank_math_title":null,"inline_featured_image":null,"_yoast_wpseo_primary_category":"692","rank_math_schema_blogposting":null,"rank_math_schema_videoobject":null,"_oembed_049c719bc4a9f89deaead66a7da9fddc":null,"_oembed_time_049c719bc4a9f89deaead66a7da9fddc":null,"_yoast_wpseo_focuskw":null,"_yoast_wpseo_linkdex":null,"_oembed_27e3473bf8bec795fbeb3a9d38489348":null,"_oembed_c3b0f6959478faf92a1f343d8f96b19e":null,"_trp_translated_slug_en_us":null,"_wp_desired_post_slug":null,"_yoast_wpseo_title":null,"tldname":null,"tldpreis":null,"tldrubrik":null,"tldpolicylink":null,"tldsize":null,"tldregistrierungsdauer":null,"tldtransfer":null,"tldwhoisprivacy":null,"tldregistrarchange":null,"tldregistrantchange":null,"tldwhoisupdate":null,"tldnameserverupdate":null,"tlddeletesofort":null,"tlddeleteexpire":null,"tldumlaute":null,"tldrestore":null,"tldsubcategory":null,"tldbildname":null,"tldbildurl":null,"tldclean":null,"tldcategory":null,"tldpolicy":null,"tldbesonderheiten":null,"tld_bedeutung":null,"_oembed_d167040d816d8f94c072940c8009f5f8":null,"_oembed_b0a0fa59ef14f8870da2c63f2027d064":null,"_oembed_4792fa4dfb2a8f09ab950a73b7f313ba":null,"_oembed_33ceb1fe54a8ab775d9410abf699878d":null,"_oembed_fd7014d14d919b45ec004937c0db9335":null,"_oembed_21a029d076783ec3e8042698c351bd7e":null,"_oembed_be5ea8a0c7b18e658f08cc571a909452":null,"_oembed_a9ca7a298b19f9b48ec5914e010294d2":null,"_oembed_f8db6b27d08a2bb1f920e7647808899a":null,"_oembed_168ebde5096e77d8a89326519af9e022":null,"_oembed_cdb76f1b345b42743edfe25481b6f98f":null,"_oembed_87b0613611ae54e86e8864265404b0a1":null,"_oembed_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_oembed_time_27aa0e5cf3f1bb4bc416a4641a5ac273":null,"_tldname":null,"_tldclean":null,"_tldpreis":null,"_tldcategory":null,"_tldsubcategory":null,"_tldpolicy":null,"_tldpolicylink":null,"_tldsize":null,"_tldregistrierungsdauer":null,"_tldtransfer":null,"_tldwhoisprivacy":null,"_tldregistrarchange":null,"_tldregistrantchange":null,"_tldwhoisupdate":null,"_tldnameserverupdate":null,"_tlddeletesofort":null,"_tlddeleteexpire":null,"_tldumlaute":null,"_tldrestore":null,"_tldbildname":null,"_tldbildurl":null,"_tld_bedeutung":null,"_tldbesonderheiten":null,"_oembed_ad96e4112edb9f8ffa35731d4098bc6b":null,"_oembed_8357e2b8a2575c74ed5978f262a10126":null,"_oembed_3d5fea5103dd0d22ec5d6a33eff7f863":null,"_eael_widget_elements":null,"_oembed_0d8a206f09633e3d62b95a15a4dd0487":null,"_oembed_time_0d8a206f09633e3d62b95a15a4dd0487":null,"_aioseo_description":null,"_eb_attr":null,"_eb_data_table":null,"_oembed_819a879e7da16dd629cfd15a97334c8a":null,"_oembed_time_819a879e7da16dd629cfd15a97334c8a":null,"_acf_changed":null,"_wpcode_auto_insert":null,"_edit_last":"1","_edit_lock":"1609759142:1","_oembed_e7b913c6c84084ed9702cb4feb012ddd":null,"_oembed_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_time_bfde9e10f59a17b85fc8917fa7edf782":null,"_oembed_03514b67990db061d7c4672de26dc514":"<iframe title=\"Gaia X\" width=\"800\" height=\"450\" src=\"https:\/\/www.youtube.com\/embed\/NhqLt_NJ6FA?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen><\/iframe>","_oembed_time_03514b67990db061d7c4672de26dc514":"1609759144","rank_math_news_sitemap_robots":"index","rank_math_robots":["index"],"_eael_post_view_count":"4509","_trp_automatically_translated_slug_ru_ru":null,"_trp_automatically_translated_slug_et":"malware-makes-linux-and-windowservers-to-monero-miners","_trp_automatically_translated_slug_lv":"malware-makes-linux-and-windowservers-to-monero-miners","_trp_automatically_translated_slug_fr_fr":null,"_trp_automatically_translated_slug_en_us":null,"_wp_old_slug":null,"_trp_automatically_translated_slug_da_dk":null,"_trp_automatically_translated_slug_pl_pl":null,"_trp_automatically_translated_slug_es_es":null,"_trp_automatically_translated_slug_hu_hu":null,"_trp_automatically_translated_slug_fi":"malware-makes-linux-and-windowservers-to-monero-miners","_trp_automatically_translated_slug_ja":"%e3%83%9e%e3%83%ab%e3%82%a6%e3%82%a7%e3%82%a2%e3%81%8clinux%e3%82%84windowservers%e3%82%92%e3%83%a2%e3%83%8d%e3%83%ad%e3%83%9e%e3%82%a4%e3%83%8a%e3%81%ab%e3%81%99%e3%82%8b","_trp_automatically_translated_slug_lt_lt":null,"_elementor_edit_mode":null,"_elementor_template_type":null,"_elementor_version":null,"_elementor_pro_version":null,"_wp_page_template":null,"_elementor_page_settings":null,"_elementor_data":null,"_elementor_css":null,"_elementor_conditions":null,"_happyaddons_elements_cache":null,"_oembed_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_time_75446120c39305f0da0ccd147f6de9cb":null,"_oembed_3efb2c3e76a18143e7207993a2a6939a":"<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/BREAKING?src=hash&amp;ref_src=twsrc%5Etfw\">#BREAKING<\/a>: Texas takes the lead once more! Today, we\u2019re filing a lawsuit against <a href=\"https:\/\/twitter.com\/hashtag\/Google?src=hash&amp;ref_src=twsrc%5Etfw\">#Google<\/a> for anticompetitive conduct.<br><br>This internet Goliath used its power to manipulate the market, destroy competition, and harm YOU, the consumer. Stay tuned\u2026 <a href=\"https:\/\/t.co\/fdEVEWQb0e\">pic.twitter.com\/fdEVEWQb0e<\/a><\/p>&mdash; Texas Attorney General (@TXAG) <a href=\"https:\/\/twitter.com\/TXAG\/status\/1339283520099856384?ref_src=twsrc%5Etfw\">December 16, 2020<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>","_oembed_time_3efb2c3e76a18143e7207993a2a6939a":"1609759143","_oembed_59808117857ddf57e478a31d79f76e4d":"<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Happy to follow-on report that a huge chunk of <a href=\"https:\/\/twitter.com\/Flickr?ref_src=twsrc%5Etfw\">@Flickr<\/a> compute just successfully made the transition to Graviton2 <a href=\"https:\/\/twitter.com\/Arm?ref_src=twsrc%5Etfw\">@ARM<\/a> in <a href=\"https:\/\/twitter.com\/awscloud?ref_src=twsrc%5Etfw\">@awscloud<\/a> this afternoon. More services coming shortly. My aim is to get to 100% of non-GPU <a href=\"https:\/\/twitter.com\/SmugMug?ref_src=twsrc%5Etfw\">@SmugMug<\/a> and <a href=\"https:\/\/twitter.com\/Flickr?ref_src=twsrc%5Etfw\">@Flickr<\/a> compute on ARM within the year. <a href=\"https:\/\/t.co\/fwXWdg06xx\">https:\/\/t.co\/fwXWdg06xx<\/a><\/p>&mdash; Don MacAskill (@DonMacAskill) <a href=\"https:\/\/twitter.com\/DonMacAskill\/status\/1314050996486561792?ref_src=twsrc%5Etfw\">October 8, 2020<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>","_oembed_time_59808117857ddf57e478a31d79f76e4d":"1609759143","_oembed_965c5b49aa8d22ce37dfb3bde0268600":"<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"de\" dir=\"ltr\">Der <a href=\"https:\/\/twitter.com\/hashtag\/Finanzausschuss?src=hash&amp;ref_src=twsrc%5Etfw\">#Finanzausschuss<\/a> im <a href=\"https:\/\/twitter.com\/hashtag\/Bundestag?src=hash&amp;ref_src=twsrc%5Etfw\">#Bundestag<\/a> hat das <a href=\"https:\/\/twitter.com\/hashtag\/Jahressteuergesetz?src=hash&amp;ref_src=twsrc%5Etfw\">#Jahressteuergesetz<\/a> beschlossen. Damit wurde auch die <a href=\"https:\/\/twitter.com\/hashtag\/Gemeinn%C3%BCtzigkeit?src=hash&amp;ref_src=twsrc%5Etfw\">#Gemeinn\u00fctzigkeit<\/a> f\u00fcr <a href=\"https:\/\/twitter.com\/hashtag\/Freifunk?src=hash&amp;ref_src=twsrc%5Etfw\">#Freifunk<\/a> Initiativen beschlossen. Das ganze geht jetzt in der kommenden Woche ins Plenum zur Abstimmung und direkt in den <a href=\"https:\/\/twitter.com\/hashtag\/Bundesrat?src=hash&amp;ref_src=twsrc%5Etfw\">#Bundesrat<\/a><\/p>&mdash; Jens Zimmermann (@JensZSPD) <a href=\"https:\/\/twitter.com\/JensZSPD\/status\/1336581821706989568?ref_src=twsrc%5Etfw\">December 9, 2020<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>","_oembed_time_965c5b49aa8d22ce37dfb3bde0268600":"1609759143","_oembed_81002f7ee3604f645db4ebcfd1912acf":"<iframe title=\"Netzetag bei der Telekom: Antennen, Breitband, Glasfaser\" width=\"800\" height=\"450\" src=\"https:\/\/www.youtube.com\/embed\/6_NTa3VCRFo?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen><\/iframe>","_oembed_time_81002f7ee3604f645db4ebcfd1912acf":"1609759143","_elementor_screenshot":null,"_oembed_7ea3429961cf98fa85da9747683af827":null,"_oembed_time_7ea3429961cf98fa85da9747683af827":null,"_elementor_controls_usage":null,"_elementor_page_assets":[],"_elementor_screenshot_failed":null,"theplus_transient_widgets":["tp-video-player"],"_eael_custom_js":null,"_wp_old_date":null,"_trp_automatically_translated_slug_it_it":null,"_trp_automatically_translated_slug_pt_pt":null,"_trp_automatically_translated_slug_zh_cn":null,"_trp_automatically_translated_slug_nl_nl":null,"_trp_automatically_translated_slug_pt_br":null,"_trp_automatically_translated_slug_sv_se":null,"rank_math_analytic_object_id":"490","rank_math_internal_links_processed":null,"_trp_automatically_translated_slug_ro_ro":null,"_trp_automatically_translated_slug_sk_sk":null,"_trp_automatically_translated_slug_bg_bg":null,"_trp_automatically_translated_slug_sl_si":null,"litespeed_vpi_list":["webhostinglogo.png"],"litespeed_vpi_list_mobile":["webhostinglogo.png"],"rank_math_seo_score":null,"rank_math_contentai_score":null,"ilj_limitincominglinks":null,"ilj_maxincominglinks":null,"ilj_limitoutgoinglinks":null,"ilj_maxoutgoinglinks":null,"ilj_limitlinksperparagraph":null,"ilj_linksperparagraph":null,"ilj_blacklistdefinition":null,"ilj_linkdefinition":[],"_eb_reusable_block_ids":null,"rank_math_focus_keyword":null,"rank_math_og_content_image":null,"_yoast_wpseo_metadesc":"Eine k\u00fcrzlich entdeckter Wurm infiltriert Windows- und Linuxserver, um deren Leistung zum Mining von Monero zu nutzen.","_yoast_wpseo_content_score":"30","_yoast_wpseo_focuskeywords":"[]","_yoast_wpseo_keywordsynonyms":"[\"\"]","_yoast_wpseo_estimated-reading-time-minutes":null,"rank_math_description":"Eine k\u00fcrzlich entdeckter Wurm infiltriert Windows- und Linuxserver, um deren Leistung zum Mining von Monero zu nutzen.","surfer_last_post_update":null,"surfer_last_post_update_direction":null,"surfer_keywords":null,"surfer_location":null,"surfer_draft_id":null,"surfer_permalink_hash":null,"surfer_scrape_ready":null,"_thumbnail_id":"6502","footnotes":null,"_links":{"self":[{"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/posts\/6501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/comments?post=6501"}],"version-history":[{"count":1,"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/posts\/6501\/revisions"}],"predecessor-version":[{"id":8443,"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/posts\/6501\/revisions\/8443"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/media\/6502"}],"wp:attachment":[{"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/media?parent=6501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/categories?post=6501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhosting.de\/pt\/wp-json\/wp\/v2\/tags?post=6501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}