{"id":53703,"date":"2017-12-03T17:38:22","date_gmt":"2017-12-03T09:38:22","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=53703"},"modified":"2017-12-14T17:42:43","modified_gmt":"2017-12-14T09:42:43","slug":"%e6%83%a1%e5%90%8d%e6%98%ad%e5%bd%b0mirai-%e3%80%8c%e7%89%a9%e8%81%af%e7%b6%b2%e6%ae%ad%e5%b1%8d%e7%97%85%e6%af%92%e3%80%8d%e6%96%b0%e8%ae%8a%e7%a8%ae%e7%99%bc%e5%8b%95%e9%80%be3-7-%e8%90%ac%e6%ac%a1","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=53703","title":{"rendered":"\u60e1\u540d\u662d\u5f70Mirai \u300c\u7269\u806f\u7db2\u6bad\u5c4d\u75c5\u6bd2\u300d\u65b0\u8b8a\u7a2e,\u767c\u52d5\u903e3.7 \u842c\u6b21\u653b\u64ca"},"content":{"rendered":"

\u60e1\u540d\u662d\u5f70\u7684\u300cMirai<\/a>\u300d\u7269\u806f\u7db2 (IoT) \u6bad\u5c4d\u7db2\u8def\u75c5\u6bd2 (\u8da8\u52e2\u79d1\u6280\u547d\u540d\u70ba ELF_MIRAI \u5bb6\u65cf) \u53c8\u518d\u5ea6\u51fa\u73fe\u5728\u4e00\u6ce2\u65b0\u7684\u653b\u64ca\u884c\u52d5\u7576\u4e2d<\/a>\uff0c\u6b64\u6b21\u7684\u76ee\u6a19\u662f\u963f\u6839\u5ef7\uff0c\u653b\u64ca\u7684\u5fb5\u5146\u662f\u9023\u63a5\u57e0\u300c2323\u300d\u548c\u300c23\u300d\u6d41\u91cf\u66b4\u589e\u3002\u96a8\u5f8c\uff0c\u653b\u64ca\u884c\u52d5\u53c8\u64f4\u6563\u81f3\u5357\u7f8e\u548c\u5317\u975e\u570b\u5bb6\uff0c\u8da8\u52e2\u79d1\u6280<\/a>\u5728\u54e5\u502b\u6bd4\u4e9e\u3001\u5384\u74dc\u591a\u723e\u3001\u5df4\u62ff\u99ac\u3001\u57c3\u53ca\u3001\u7a81\u5c3c\u897f\u4e9e\u7b49\u570b\u5075\u6e2c\u5230\u4e00\u7cfb\u5217\u653b\u64ca\u8207\u5927\u91cf Mirai \u75c5\u6bd2\u6d3b\u52d5\u3002\u540c\u6642\uff0c\u5728\u963f\u6839\u5ef7\u5883\u5167\u7684\u6d3b\u52d5\u4e5f\u589e\u52a0\u3002<\/p>\n

\u91dd\u5c0d\u9019\u6700\u65b0\u7684\u7b2c\u4e8c\u6ce2\u653b\u64ca\uff0c\u6211\u5011\u7e3d\u5171\u8490\u96c6\u5230\u516d\u500b\u570b\u5bb6\u7684\u8cc7\u6599\u3002\u5f9e UTC \u6642\u9593 11 \u6708 29 \u65e5 2:00 \u81f3 11 \u6708 29 \u65e5 8:00 \u9019\u6bb5\u671f\u9593\uff0c\u6211\u5011\u7e3d\u5171\u5075\u6e2c\u5230 371,640 \u6b21\u653b\u64ca (\u4f86\u81ea 9,000 \u500b\u5de6\u53f3\u7684\u975e\u91cd\u8907 IP \u4f4d\u5740)\u3002\u6b64\u6ce2\u653b\u64ca\u7684\u4e3b\u8981\u76ee\u6a19\u70ba\u54e5\u502b\u6bd4\u4e9e\uff0c\u6b64\u5916\uff0c\u5384\u74dc\u591a\u723e\u3001\u963f\u6839\u5ef7\u3001\u57c3\u53ca\u548c\u7a81\u5c3c\u897f\u4e9e\u7684\u60c5\u6cc1\u4e5f\u985e\u4f3c\u3002\u552f\u4e00\u7684\u4f8b\u5916\u662f\u5df4\u62ff\u99ac\uff0c\u5176\u53d7\u653b\u64ca\u7684\u6642\u9593\u8f03\u665a\uff0c\u6578\u91cf\u4e5f\u8f03\u5176\u4ed6\u570b\u5bb6\u5c11\u3002\u4e0b\u5716\u986f\u793a\u7b2c\u4e00\u6ce2\u653b\u64ca (\u91dd\u5c0d\u963f\u6839\u5ef7) \u8207\u7b2c\u4e8c\u6ce2\u653b\u64ca (\u91dd\u5c0d\u54e5\u502b\u6bd4\u4e9e\u548c\u5df4\u62ff\u99ac) \u7684\u653b\u64ca\u6578\u91cf\u6bd4\u8f03\uff1a<\/p>\n

\"<\/p>\n

\"<\/p>\n

\u5716 1 \u548c\u5716 2\uff1a\u7b2c\u4e00\u6ce2\u548c\u7b2c\u4e8c\u6ce2\u653b\u64ca\u7684\u6642\u9593\u548c\u6578\u91cf (\u7686\u70ba UTC \u6642\u9593)\u3002<\/em><\/p>\n

\u5f9e\u4e0a\u5716\u53ef\u770b\u51fa\u6e05\u695a\u7684\u653b\u64ca\u6a21\u5f0f\uff1a\u7b2c\u4e00\u6ce2\u6700\u65e9\u5927\u7d04\u662f\u5f9e 11 \u6708 22 \u65e5\u7684 16:00 \u5de6\u53f3\u958b\u59cb\uff0c\u4e00\u76f4\u6301\u7e8c\u5230 11 \u6708 25 \u65e5 1:00 \u5de6\u53f3\uff0c\u653b\u64ca\u6578\u91cf\u624d\u4e0b\u964d\u81f3 1,000\u3002\u7b2c\u4e8c\u6ce2\u6700\u65e9\u958b\u59cb\u65bc 11 \u6708 29 \u65e5 4:00 \u5de6\u53f3\uff0c\u8207\u91dd\u5c0d\u963f\u6839\u5ef7\u90a3\u4e00\u6ce2\u653b\u64ca\u4e0d\u540c\u7684\u662f\uff0c\u7b2c\u4e8c\u6ce2\u653b\u64ca\u7684\u6578\u91cf\u5206\u5e03\u8f03\u70ba\u5e73\u5747\u3002\u54e5\u502b\u6bd4\u4e9e\u6240\u627f\u53d7\u7684\u653b\u64ca\u6578\u91cf\u6700\u591a\u3002\u9019\u6ce2\u653b\u64ca\u7b2c\u4e00\u500b\u9ad8\u5cf0\u51fa\u73fe\u5728 11 \u6708 29 \u65e5\u96a8\u5f8c\u9010\u6f38\u6d88\u9000\u3002\u7dca\u63a5\u8457\u5728 12 \u6708 1 \u65e5 8:00 \u81f3 9:00\uff0c\u53c8\u51fa\u73fe\u7b2c\u4e8c\u6b21\u9ad8\u5cf0\uff0c\u800c\u4e14\u5275\u4e0b\u54e5\u502b\u6bd4\u4e9e\u55ae\u4e00\u5c0f\u6642\u653b\u64ca\u91cf\u6700\u9ad8\u7d00\u9304 (80,825 \u6b21\uff0c\u5728 7:00 \u5de6\u53f3)\u3002<\/p>\n

\u9664\u6b64\u4e4b\u5916\uff0c\u6211\u5011\u4e5f\u8490\u96c6\u5230\u4e86\u653b\u64ca\u7aef\u7684\u975e\u91cd\u8907 IP \u4f4d\u5740\u3002\u5728\u7b2c\u4e00\u6ce2\u653b\u64ca\u7576\u4e2d\uff0c\u653b\u64ca\u7aef IP \u4f4d\u5740\u540c\u6a23\u4e5f\u4f4d\u65bc\u963f\u6839\u5ef7\u5883\u5167\uff0c\u63db\u53e5\u8a71\u8aaa\uff0c\u653b\u64ca\u8005\u8207\u53d7\u5bb3\u76ee\u6a19\u5927\u591a\u4f4d\u65bc\u76f8\u540c\u5730\u5340\u3002\u7b2c\u4e8c\u6ce2\u653b\u64ca\u7684\u6a21\u5f0f\u4e5f\u985e\u4f3c\uff0c\u653b\u64ca\u8005\u8207\u53d7\u5bb3\u8005\u7686\u5747\u52fb\u5206\u6563\u5728\u4e94\u500b\u4e3b\u8981\u570b\u5bb6\u5883\u5167\uff0c\u5176\u4e2d\uff0c\u5df4\u62ff\u99ac\u7684\u6578\u91cf\u8f03\u5c11\u3002<\/p>\n

\"<\/p>\n

\"<\/p>\n

\u5716 3 \u548c\u5716 4\uff1a\u7b2c\u4e00\u6ce2\u8207\u7b2c\u4e8c\u6ce2\u7684\u653b\u64ca\u7aef\u975e\u91cd\u8907 IP \u4f4d\u5740\u6578\u91cf (\u7686 UTC \u6642\u9593)\u3002<\/em><\/p>\n

\u5118\u7ba1\u7b2c\u4e8c\u6ce2\u653b\u64ca\u7684\u6578\u91cf\u5c11\u65bc\u91dd\u5c0d\u963f\u6839\u5ef7\u7684\u7b2c\u4e00\u6ce2\u653b\u64ca\uff0c\u4f46\u653b\u64ca\u7bc4\u570d\u537b\u66f4\u5ee3\uff0c\u5c24\u5176\u4ee5\u54e5\u502b\u6bd4\u4e9e\u6700\u70ba\u56b4\u91cd\u3002\u9664\u4e86\u524d\u9762\u63d0\u5230\u7684\u7b2c\u4e8c\u500b\u9ad8\u5cf0\u4e4b\u5916\uff0c\u55ae\u4e00\u5c0f\u6642\u653b\u64ca\u6578\u91cf\u5728 11 \u6708 29 \u65e5 5:00 \u5de6\u53f3\u4e5f\u76f8\u7576\u9ad8\uff1a56,748 \u6b21\u3002\u81f3\u65bc\u7b2c\u4e00\u6ce2\u91dd\u5c0d\u963f\u6839\u5ef7\u7684\u653b\u64ca\uff0c\u5176\u9ad8\u5cf0\u5247\u662f\u51fa\u73fe\u5728 11 \u6708 22 \u65e5 23:00 \u5de6\u53f3\uff1a24,716 \u6b21\u3002<\/p>\n

\u5c31\u53d7\u5bb3\u76ee\u6a19\u4f86\u770b\uff0c\u6b79\u5f92\u653b\u64ca\u7684\u88dd\u7f6e\u76f8\u7576\u591a\u6a23\uff0c\u5305\u62ec\uff1aIP \u651d\u5f71\u6a5f\u3001\u6578\u4f4d\u9304\u5f71\u6a5f (DVR)\u3001\u7db2\u8def\u8996\u8a0a\u9304\u5f71\u6a5f (NVR)\uff0c\u4ee5\u53ca\u6578\u64da\u6a5f (modem)\u3002\u5f9e\u4ee5\u4e0b\u6b79\u5f92\u7528\u4f86\u767b\u5165\u88dd\u7f6e\u7684\u5e33\u865f\u5bc6\u78bc\u90e8\u5206\u6e05\u55ae\u4e5f\u53ef\u770b\u51fa\u9019\u500b\u73fe\u8c61\uff0c\u6db5\u84cb\u4e0a\u8ff0\u6240\u6709\u88dd\u7f6e\u985e\u578b\u53ca\u591a\u7a2e\u5ee0\u724c\uff0c\u5982\uff1aZyXEL \u548c Dahua\u3002\u4ee5\u4e0b\u8cc7\u6599\u53d6\u81ea\u91dd\u5c0d\u54e5\u502b\u6bd4\u4e9e\u7684\u653b\u64ca\uff1a<\/p>\n\n\n\n\n\n\n\n\n
\u767b\u5165\u5e33\u865f<\/strong><\/td>\n\u5bc6\u78bc<\/strong><\/td>\n\u88dd\u7f6e<\/strong><\/td>\n<\/tr>\n
admin<\/td>\nCenturyL1nk<\/td>\nZyXEL PK5001Z<\/td>\n<\/tr>\n
admin<\/td>\nQwestM0dem<\/td>\nZyXEL PK5001Z<\/td>\n<\/tr>\n
root<\/td>\nvizxv<\/td>\nDahua IPC-HFW4300S<\/td>\n<\/tr>\n
root<\/td>\nxc3511<\/td>\nXiong Mai Technology \u7684 IP \u651d\u5f71\u6a5f\u3001DVR \u53ca NVR<\/td>\n<\/tr>\n
Wproot<\/td>\ncat1029<\/td>\nTenvis TH692 \u6236\u5916 P2P HD \u9632\u6c34 IP \u651d\u5f71\u6a5f<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

\u5982\u540c\u524d\u4e00\u6ce2\u653b\u64ca\u4e00\u6a23\uff0c\u9019\u6b21\u99ed\u5ba2\u4f9d\u7136\u8a66\u5716\u653b\u64ca ZyXEL \u6578\u64da\u6a5f\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c\u518d\u52a0\u4e0a\u4e00\u4e9b\u524d\u4e00\u6ce2\u91dd\u5c0d\u963f\u6839\u5ef7\u7684\u653b\u64ca\u6240\u672a\u898b\u904e\u7684\u88dd\u7f6e\uff0c\u6700\u660e\u986f\u7684\u5c31\u662f Tenvis TH692 \u6236\u5916 P2P HD \u9632\u6c34 IP \u651d\u5f71\u6a5f\u3002\u6211\u5011\u6aa2\u67e5\u4e86\u6240\u6709\u5f9e 11 \u6708 1 \u65e5\u81f3 12 \u6708 1 \u65e5\u6240\u8490\u96c6\u5230\u7684\u767b\u5165\u5e33\u865f\uff0c\u5728 11 \u6708 28 \u65e5\u4e4b\u524d\uff0c\u300cWproot\u300d\u9019\u500b\u5e33\u865f (Tenvis TH692 \u6236\u5916 P2P HD \u9632\u6c34 IP \u651d\u5f71\u6a5f\u7684\u9810\u8a2d\u767b\u5165\u5e33\u865f) \u5f9e\u672a\u51fa\u73fe\u904e\u3002\u6839\u64da\u6211\u5011\u8490\u96c6\u5230\u7684\u76e3\u63a7\u8cc7\u6599\uff0c\u300cWproot\u300d\u9019\u500b\u5e33\u865f\u7b2c\u4e00\u6b21\u51fa\u73fe\u662f\u5728 11 \u6708 29 \u65e5 3:00 \u5de6\u53f3\u3002<\/p>\n

\u76ee\u524d\u8da8\u52e2\u79d1\u6280<\/a>\u4ecd\u5728\u7814\u7a76\u6b79\u5f92\u70ba\u4f55\u9396\u5b9a\u9019\u4e9b\u570b\u5bb6\uff0c\u4ee5\u53ca\u9019\u5169\u6ce2\u653b\u64ca\u4e4b\u9593\u662f\u5426\u6709\u4efb\u4f55\u95dc\u806f\u3002\u6211\u5011\u5c07\u6301\u7e8c\u76e3\u63a7\u9019\u4e9b\u653b\u64ca\uff0c\u4e26\u4e14\u9069\u6642\u63d0\u4f9b\u6700\u65b0\u6d88\u606f\u3002<\/p>\n

 <\/p>\n

\u539f\u6587\u51fa\u8655\uff1aNew Mirai Attack Attempts Detected in South America and North African Countries<\/a><\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

\u60e1\u540d\u662d\u5f70\u7684\u300cMirai\u300d\u7269\u806f\u7db2 (IoT) \u6bad\u5c4d\u7db2\u8def\u75c5\u6bd2 (\u8da8\u52e2\u79d1\u6280\u547d\u540d\u70ba ELF_MIRAI \u5bb6\u65cf) \u53c8\u518d\u5ea6 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[1],"tags":[1599,3088,24,3626,23,1593],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/53703"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=53703"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/53703\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=53703"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=53703"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=53703"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}