{"id":507967,"date":"2022-12-12T20:51:06","date_gmt":"2022-12-12T22:51:06","guid":{"rendered":"https:\/\/teknomers.com\/fr\/la-campagne-dextraction-de-crypto-monnaie-frappe-les-utilisateurs-de-linux-avec-le-logiciel-malveillant-chaos-base-sur-go\/"},"modified":"2022-12-12T20:51:07","modified_gmt":"2022-12-12T22:51:07","slug":"la-campagne-dextraction-de-crypto-monnaie-frappe-les-utilisateurs-de-linux-avec-le-logiciel-malveillant-chaos-base-sur-go","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/la-campagne-dextraction-de-crypto-monnaie-frappe-les-utilisateurs-de-linux-avec-le-logiciel-malveillant-chaos-base-sur-go\/","title":{"rendered":"La campagne d&#8217;extraction de crypto-monnaie frappe les utilisateurs de Linux avec le logiciel malveillant CHAOS bas\u00e9 sur Go"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">12 d\u00e9cembre 2022<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">S\u00e9curit\u00e9 du serveur \/ Linux<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>Une attaque de minage de crypto-monnaie ciblant le syst\u00e8me d&#8217;exploitation Linux impliquait \u00e9galement l&#8217;utilisation d&#8217;un cheval de Troie d&#8217;acc\u00e8s \u00e0 distance (RAT) open source surnomm\u00e9 <a rel=\"nofollow noopener\" href=\"https:\/\/github.com\/tiagorlampert\/CHAOS\" target=\"_blank\">LE CHAOS<\/a>.<\/p>\n<p>La menace, qui a \u00e9t\u00e9 rep\u00e9r\u00e9e par Trend Micro en novembre 2022, reste pratiquement inchang\u00e9e dans tous les autres aspects, y compris lorsqu&#8217;il s&#8217;agit de mettre fin aux logiciels malveillants concurrents, aux logiciels de s\u00e9curit\u00e9 et au d\u00e9ploiement du mineur de crypto-monnaie Monero (XMR).<\/p>\n<p>&#8220;Le logiciel malveillant atteint sa persistance en alt\u00e9rant <a rel=\"nofollow noopener\" href=\"https:\/\/en.wikipedia.org\/wiki\/Cron\" target=\"_blank\">\/etc\/crontab fichier<\/a>un planificateur de t\u00e2ches UNIX qui, dans ce cas, se t\u00e9l\u00e9charge toutes les 10 minutes depuis Pastebin \u00bb, les chercheurs David Fiser et Alfredo Oliveira <a rel=\"nofollow noopener\" href=\"https:\/\/www.trendmicro.com\/en_us\/research\/22\/l\/linux-cryptomining-enhanced-via-chaos-rat-.html\" target=\"_blank\">a dit<\/a>.<\/p>\n<div class=\"ad_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/uptycs-inside\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/11\/Des-chercheurs-detaillent-la-vulnerabilite-inter-locataire-dAppSync-dans-Amazon-Web.jpg\" width=\"728\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Cette \u00e9tape est r\u00e9ussie en t\u00e9l\u00e9chargeant les charges utiles de la prochaine \u00e9tape qui se composent du mineur XMRig et du CHAOS RAT bas\u00e9 sur Go.<\/p>\n<p>La soci\u00e9t\u00e9 de cybers\u00e9curit\u00e9 a d\u00e9clar\u00e9 que le script de t\u00e9l\u00e9chargement principal et d&#8217;autres charges utiles sont h\u00e9berg\u00e9s \u00e0 plusieurs endroits pour s&#8217;assurer que la campagne reste active et que de nouvelles infections continuent de se produire.<\/p>\n<p>Le CHAOS RAT, une fois t\u00e9l\u00e9charg\u00e9 et lanc\u00e9, transmet des m\u00e9tadonn\u00e9es syst\u00e8me d\u00e9taill\u00e9es \u00e0 un serveur distant, tout en offrant des capacit\u00e9s pour effectuer des op\u00e9rations sur les fichiers, prendre des captures d&#8217;\u00e9cran, \u00e9teindre et red\u00e9marrer l&#8217;ordinateur et ouvrir des URL arbitraires.<\/p>\n<p>&#8220;En surface, l&#8217;incorporation d&#8217;un RAT dans la routine d&#8217;infection d&#8217;un malware d&#8217;extraction de crypto-monnaie peut sembler relativement mineure&#8221;, ont d\u00e9clar\u00e9 les chercheurs.<\/p>\n<p>&#8220;Cependant, \u00e9tant donn\u00e9 la gamme de fonctions de l&#8217;outil et le fait que cette \u00e9volution montre que les acteurs de la menace bas\u00e9e sur le cloud font encore \u00e9voluer leurs campagnes, il est important que les organisations et les individus restent tr\u00e8s vigilants en mati\u00e8re de s\u00e9curit\u00e9.&#8221;<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ?  Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/12\/cryptocurrency-mining-campaign-hits.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80212 d\u00e9cembre 2022\ue804Ravie LakshmananS\u00e9curit\u00e9 du serveur \/ Linux Une attaque de minage de crypto-monnaie ciblant le syst\u00e8me d&#8217;exploitation Linux impliquait \u00e9galement l&#8217;utilisation d&#8217;un cheval de Troie d&#8217;acc\u00e8s \u00e0 distance (RAT) open source surnomm\u00e9 LE CHAOS. La menace, qui a \u00e9t\u00e9 rep\u00e9r\u00e9e par Trend Micro en novembre 2022, reste pratiquement inchang\u00e9e dans tous les autres aspects, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":507968,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[84,3283,2930,5314,4168,1966,4158,4165,4161,51145,1986,4157,4159,4171,4170,65,18088,6816,4167,7733,4160,4163,4162,4172,4169,60,7529,4166,4164],"class_list":["post-507967","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-avec","tag-base","tag-campagne","tag-chaos","tag-comment-pirater","tag-cryptomonnaie","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-dextraction","tag-frappe","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-les","tag-linux","tag-logiciel","tag-logiciel-malveillant-de-ransomware","tag-malveillant","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-securite-informatique","tag-securite-internet","tag-sur","tag-utilisateurs","tag-violation-de-donnees","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/507967","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=507967"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/507967\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/507968"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=507967"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=507967"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=507967"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}