{"id":54852,"date":"2018-03-21T09:00:22","date_gmt":"2018-03-21T01:00:22","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=54852"},"modified":"2018-03-21T14:15:18","modified_gmt":"2018-03-21T06:15:18","slug":"%e8%99%9b%e6%93%ac%e8%b2%a8%e5%b9%a3%e5%85%a8%e7%90%83%e6%b7%98%e9%87%91%e6%bd%ae-2017%e5%b9%b4%e6%8c%96%e7%a4%a6%e6%83%a1%e6%84%8f%e7%a8%8b%e5%bc%8f-%e5%8f%b0%e7%81%a3%e6%8e%92%e5%85%a8%e7%90%83","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=54852","title":{"rendered":"\u865b\u64ec\u8ca8\u5e63\u5168\u7403\u6dd8\u91d1\u6f6e, 2017\u5e74\u6316\u7926\u60e1\u610f\u7a0b\u5f0f, \u53f0\u7063\u6392\u5168\u7403\u7b2c\u4e09"},"content":{"rendered":"<h3><a href=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-54758\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3.jpg\" alt=\"\" width=\"1382\" height=\"911\" srcset=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3.jpg 1382w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3-300x198.jpg 300w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3-768x506.jpg 768w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3-1024x675.jpg 1024w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3-600x396.jpg 600w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3-30x20.jpg 30w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/bitcoin-mining3-800x527.jpg 800w\" sizes=\"(max-width: 1382px) 100vw, 1382px\" \/><\/a><\/h3>\n<h3><img decoding=\"async\" class=\"alignleft\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2018\/01\/coinminer-4-200x200.jpg\" \/><\/h3>\n<p><a 
href=\"https:\/\/blog.trendmicro.com.tw\/?p=50965\">\u865b\u64ec\u8ca8\u5e63<\/a>\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u6703\u4e0d\u6703\u6210\u70ba\u4e0b\u4e00\u500b<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=12412\">\u52d2\u7d22\u75c5\u6bd2<\/a>\uff1f\u96a8\u8457\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u5728\u771f\u5be6\u4e16\u754c\u9010\u6f38\u6d41\u884c\u4e14\u6f38\u5f62\u91cd\u8981\uff0c\u9019\u985e\u8ca8\u5e63\u5728\u7db2\u8def\u72af\u7f6a\u9818\u57df\u4e5f\u958b\u59cb\u53d7\u5230\u91cd\u8996\uff0c\u800c\u4e14\u4f3c\u4e4e\u6709\u548c<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=12412\">\u52d2\u7d22\u75c5\u6bd2 Ransomware<\/a> (\u52d2\u7d22\u8edf\u9ad4\/\u7d81\u67b6\u75c5\u6bd2)\u4e26\u99d5\u9f4a\u9a45\u7684\u614b\u52e2\u3002\u5176\u5be6\uff0c\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u6d3b\u52d5\u662f 2017 \u5e74\u5bb6\u7528\u8def\u7531\u5668\u9023\u63a5\u7684\u88dd\u7f6e\u6700\u5e38\u5075\u6e2c\u5230\u7684\u7db2\u8def\u4e8b\u4ef6\u3002<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<h4>\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\uff1a2018 \u5e74\u6700\u65b0\u5a01\u8105\uff1f<\/h4>\n<figure class=\"thumbnail wp-caption alignnone\" style=\"width: 1110px\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2018\/02\/cryptocurrency-mining-malware-1-1.png\" alt=\"2017 \u5e74\uff0c\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u6d3b\u52d5\u662f\u5bb6\u7528\u8def\u7531\u5668\u9023\u63a5\u7684\u88dd\u7f6e\u6700\u5e38\u5075\u6e2c\u5230\u7684\u7db2\u8def\u4e8b\u4ef6 (\u6839\u64da\u8da8\u52e2\u79d1\u6280 Smart Home Network \u667a\u6167\u5bb6\u5ead\u7db2\u8def\u7522\u54c1\u56de\u5831\u8cc7\u6599)\u3002\" width=\"1100\" height=\"600\" \/><figcaption class=\"caption wp-caption-text\">\u57161:2017 
\u5e74\uff0c\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u6d3b\u52d5\u662f\u5bb6\u7528\u8def\u7531\u5668\u9023\u63a5\u7684\u88dd\u7f6e\u6700\u5e38\u5075\u6e2c\u5230\u7684\u7db2\u8def\u4e8b\u4ef6 (\u6839\u64da\u8da8\u52e2\u79d1\u6280 Smart Home Network \u667a\u6167\u5bb6\u5ead\u7db2\u8def\u7522\u54c1\u56de\u5831\u8cc7\u6599)\u3002<\/figcaption><\/figure>\n<p>\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u6700\u65e9\u51fa\u73fe\u65bc <a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/bitcoin-mining-botnet-found-with-ddos-capabilities\/\">2011 \u5e74\u4e2d\u671f<\/a>\uff0c\u76f8\u8f03\u65bc\u7576\u6642\u6700\u6d41\u884c\u7684\u8815\u87f2\u3001\u5f8c\u9580\u7a0b\u5f0f\u7b49\u60e1\u610f\u7a0b\u5f0f\u4f86\u8aaa\uff0c\u53ea\u80fd\u7b97\u662f\u500b\u914d\u89d2\uff0c\u4f46\u76ee\u524d\u5df2\u6f14\u8b8a\u6210\u751a\u81f3\u6bd4<a href=\"https:\/\/www.zdnet.com\/article\/espionage-malware-snoops-for-passwords-mines-bitcoin-on-the-side\/\">\u7db2\u8def\u9593\u8adc\u6d3b\u52d5<\/a>\u9084\u8981\u8cfa\u9322\u7684\u9014\u5f91\uff0c\u4e00\u4e9b<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cyber-attacks\/black-ruby-ransomware-targets-non-iranian-users-adds-coinminer\">\u52d2\u7d22\u75c5\u6bd2<\/a>\u72af\u7f6a\u96c6\u5718\u3001<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/lazarus-campaign-targeting-cryptocurrencies-reveals-remote-controller-tool-evolved-ratankba\/\">\u99ed\u5ba2\u5718\u9ad4<\/a>\u7b49\u7b49\u90fd\u7d1b\u7d1b\u8df3\u69fd\u52a0\u5165\u6b64\u4e00\u884c\u5217\u3002<\/p>\n<p>\u5c31\u4ee5 <a href=\"https:\/\/blog.trendmicro.com.tw\/?p=8103\">\u6bd4\u7279\u5e63(Bitcoin)<\/a> \u00a0\u70ba\u4f8b\uff0c2017 \u5e74 1 \u6708\u6bcf\u4e00\u6bd4\u7279\u5e63\u7684\u50f9\u683c\u9084\u5728 1,000 \u7f8e\u5143\u5de6\u53f3\uff0c\u4f46\u4eca\u65e5\u5df2\u8d85\u904e 11,000 \u7f8e\u5143\uff0c\u751a\u81f3\u66fe\u7d93\u4e00\u5ea6\u5347\u7834 <a href=\"https:\/\/coinmarketcap.com\/currencies\/bitcoin\/#charts\">20,000<\/a> 
\u7f8e\u5143\u5927\u95dc\u3002\u9580\u7f85\u5e63 (XMR) \u7684\u60c5\u6cc1\u4e5f\u662f\u985e\u4f3c\uff0c\u5f9e 2017 \u5e74 1 \u6708\u7684 13 \u7f8e\u5143\u66b4\u6f32\u81f3 2018 \u5e74 2 \u6708\u7684 325 \u7f8e\u5143\u3002\u800c\u5de8\u5e45\u7684\u50f9\u683c\u6ce2\u52d5\u4e5f\u958b\u59cb\u8b93\u5a01\u8105\u60c5\u52e2\u7522\u751f\u8b8a\u5316\uff1a\u53ea\u8981\u662f\u6709\u9322\u8cfa\u7684\u5730\u65b9\uff0c\u6b79\u5f92\u5c31\u6703\u8702\u64c1\u800c\u81f3\u3002<\/p>\n<p>\u6700\u4ee4\u4eba\u77da\u76ee\u7684\u662f\uff0c<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=50965\">\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f<\/a>\u5e7e\u4e4e\u5448<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/research-and-analysis\/threat-reports\/roundup\/the-cost-of-compromise\">\u7206\u70b8\u6027\u6210\u9577<\/a>\u3002\u5982\u4e0b\u5716\u6240\u793a\uff0c\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u6578\u91cf\u5728 2017 \u5e74\u4e00\u76f4\u6301\u7e8c\u6709\u6240\u6210\u9577\uff0c\u4f46\u537b\u5728 10 \u6708\u7a81\u7136\u98c6\u9ad8 (116,361)\uff0c\u63a5\u8457\u5728 11\u300112 \u6708\u7a0d\u6e1b\u4e4b\u5f8c\u7dad\u6301\u7a69\u5b9a\u3002\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u5075\u6e2c\u6578\u91cf\u6700\u591a\u7684\u662f\uff1a\u65e5\u672c\u3001\u5370\u5ea6\u3001\u53f0\u7063\u3001\u7f8e\u570b\u548c\u6fb3\u6d32\u3002<\/p>\n<figure class=\"thumbnail wp-caption alignnone\" style=\"width: 941px\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2018\/02\/cryptocurrency-mining-malware-2.png\" alt=\"\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u5075\u6e2c\u6578\u91cf (2017 \u5e74\uff0c \u6839\u64da\u8da8\u52e2\u79d1\u6280 Smart Protection Network \u5168\u7403\u5a01\u8105\u60c5\u5831\u7db2\u7684\u8cc7\u6599)\u3002\" width=\"931\" height=\"502\" \/><figcaption class=\"caption wp-caption-text\">\u5716 
2\uff1a\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u5075\u6e2c\u6578\u91cf (2017 \u5e74\uff0c \u6839\u64da\u8da8\u52e2\u79d1\u6280 Smart Protection Network \u5168\u7403\u5a01\u8105\u60c5\u5831\u7db2\u7684\u8cc7\u6599)\u3002<\/figcaption><\/figure>\n<figure class=\"thumbnail wp-caption alignnone\" style=\"width: 1110px\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2018\/02\/cryptocurrency-mining-malware-3-2.png\" alt=\"\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u5206\u5e03\u570b\u5bb6 \u53f0\u7063\u6392\u540d\u7b2c\u4e09 (2017 \u5e74\uff0c \u6839\u64da\u8da8\u52e2\u79d1\u6280 Smart Protection Network \u5168\u7403\u5a01\u8105\u60c5\u5831\u7db2\u7684\u8cc7\u6599)\u3002\" width=\"1100\" height=\"600\" \/><figcaption class=\"caption wp-caption-text\">\u5716 3\uff1a\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u5206\u5e03\u570b\u5bb6 \u53f0\u7063\u6392\u540d\u7b2c\u4e09 (2017 \u5e74\uff0c \u6839\u64da\u8da8\u52e2\u79d1\u6280 Smart Protection Network \u5168\u7403\u5a01\u8105\u60c5\u5831\u7db2\u7684\u8cc7\u6599)\u3002<\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<p>\u9664\u6b64\u4e4b\u5916\uff0c\u7db2\u8def\u72af\u7f6a\u96c6\u5718\u958b\u63a1\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u7684\u624b\u6cd5\u4e5f\u958b\u59cb\u6709\u4e9b\u6539\u8b8a\uff0c\u5305\u62ec\uff1a\u6feb\u7528\u5408\u6cd5\u5de5\u5177\u6216\u7070\u8272\u5de5\u5177 (\u5982 Coinhive)\u3001\u7279\u5225\u504f\u597d\u9580\u7f85\u5e63\u4ee5\u53ca\u63a1\u7528<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=12422\">\u7121\u6a94\u6848\u5f0f<\/a>\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u7a0b\u5f0f\u3002<\/p>\n<h4>\u5f9e\u6bd4\u7279\u5e63\u81f3\u9580\u7f85\u5e63<\/h4>\n<p>Coinhive \u63d0\u4f9b\u4e86\u4e00\u7a2e\u8b93\u4e00\u822c\u4f7f\u7528\u8005\u548c\u4f01\u696d\u85c9\u7531\u5728\u7db2\u7ad9\u5167\u5d4c JavaScript 
\u7a0b\u5f0f\u78bc\u7684\u65b9\u5f0f\u4f86\u958b\u62d3\u53e6\u4e00\u7a2e\u8ca1\u6e90\uff0c\u5176\u539f\u7406\u5c31\u662f\u85c9\u7531\u9019\u5957\u7a0b\u5f0f\u78bc\u4f86\u4f7f\u7528\u7db2\u7ad9\u700f\u89bd\u8005\u7684 CPU \u8cc7\u6e90\u4f86\u958b\u63a1\u9580\u7f85\u5e63\u3002\u4e0d\u904e\u9019\u5957\u65b9\u4fbf\u53c8\u80fd\u5ba2\u88fd\u5316\u7684\u8cfa\u9322\u65b9\u6cd5\u4e5f\u9003\u4e0d\u904e\u7db2\u8def\u72af\u7f6a\u96c6\u5718\u7684\u9b54\u638c\u3002\u4e8b\u5be6\u4e0a\uff0c\u6839\u64da<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=53407\">\u5831\u5c0e<\/a>\uff0c\u5f9e Coinhive \u884d\u751f\u51fa\u4f86\u7684\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u5df2\u6210\u70ba\u5168\u7403\u7b2c\u516d\u5927\u71b1\u9580\u60e1\u610f\u7a0b\u5f0f\uff0c\u751a\u81f3\u9023\u7f8e\u3001\u82f1\u5169\u570b\u653f\u5e9c\u6a5f\u95dc\u7684\u7db2\u7ad9\u90fd\u662f<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=54521\">\u53d7\u5bb3\u8005<\/a>\uff0c\u6b64\u5916\u9084\u6709\u4e00\u4e9b\u77e5\u540d\u4f01\u696d\u7684<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=54597\">\u96f2\u7aef\u4f3a\u670d\u5668<\/a>\uff0c\u751a\u81f3\u900f\u904e<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=54207\">\u60e1\u610f\u5ee3\u544a<\/a>\u4f86\u6563\u5e03\u3002<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p>\u300a\u5ef6\u4f38\u95b1\u8b80\u300b<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=54597\">\u7279\u65af\u62c9 ( Tesla ) \u8207 Jenkins \u4f3a\u670d\u5668\u6210\u99ed\u5ba2\u6316\u7926\u6a5f!\u907f\u514d\u300c\u4f3a\u670d\u5668\u8b8a\u6316\u7926\u6a5f\u300d\u56db\u5b88\u5247\u00a0<\/a><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=54207\">Youtube \u770b\u5f71\u7247\u96fb\u8166\u8b8a\u597d\u6162?\u7576\u5fc3\u99ed\u5ba2\u6b63\u5728\u6316\u7926\u8cfa\u5916\u5feb!<\/a><\/p>\n<p>&nbsp;<\/p><\/blockquote>\n<p>\u9580\u7f85\u5e63\u548c Coinhive 
\u6703\u53d7\u5230\u7db2\u8def\u72af\u7f6a\u96c6\u5718\u9752\u775e\u5176\u5be6\u4e0d\u4ee4\u4eba\u610f\u5916\u3002\u7531\u65bc\u958b\u63a1\u9580\u7f85\u5e63\u7684\u6f14\u7b97\u6cd5\u300cCryptoNight\u300d\u5728\u8a2d\u8a08\u4e0a\u4e0d\u9069\u5408\u5728\u7279\u6b8a\u61c9\u7528\u6676\u7247 (ASIC) \u4e0a\u57f7\u884c\u3002\u56e0\u6b64\uff0c\u6bd4\u8f03\u9069\u5408\u5229\u7528\u6d88\u8cbb\u6027\u96fb\u8166 CPU \u4f86\u6316\u7926\u3002<\/p>\n<p>\u9019\u4e00\u9ede\u6709\u5225\u65bc\u6bd4\u7279\u5e63\uff0c\u6bd4\u7279\u5e63\u96d6\u7136\u4e5f\u53ef\u4ee5\u7528\u4e00\u822c\u7684\u96fb\u8166 CPU \u548c\u986f\u793a\u5361\u7684 GPU (\u6216\u5169\u8005\u7d50\u5408) \u4f86\u6316\u7926\uff0c\u4f46\u6548\u679c\u5df2\u6bd4\u4e0d\u4e0a\u63a1\u7528\u5c08\u7528\u7684\u7279\u6b8a\u61c9\u7528\u6676\u7247\u548c\u96f2\u7aef\u6316\u7926\u4f3a\u670d\u5668\u3002\u76ee\u524d\uff0c\u4e00\u53f0\u6316\u7926\u6a5f\u53ef\u80fd 7 \u5929 24 \u5c0f\u6642\u8dd1\u4e00\u6574\u5e74\u9084\u6316\u4e0d\u5230 1 \u500b\u6bd4\u7279\u5e63\u3002<\/p>\n<p>\u6b64\u5916\uff0c\u9580\u7f85\u5e63\u7684\u96b1\u79c1\u6027\u4e5f\u512a\u65bc\u6bd4\u7279\u5e63\u3002\u7531\u65bc\u5b83\u63a1\u7528\u74b0\u72c0\u7c3d\u540d (ring signature) \u4f86\u4fdd\u8b77\u96b1\u79c1\uff0c\u56e0\u6b64\u5176\u5340\u584a\u93c8\u4ea4\u6613\u7684\u4f4d\u5740\u3001\u91d1\u984d\u3001\u4f86\u6e90\u3001\u76ee\u7684\u5730\u3001\u767c\u9001\u8005\u3001\u63a5\u6536\u8005\u7b49\u7b49\u66f4\u4e0d\u6613\u8ffd\u67e5\u3002<\/p>\n<h4>\u7121\u6a94\u6848\u5f0f\u52a0\u5bc6\u6578\u4f4d\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f<\/h4>\n<p>\u5982\u540c\u52d2\u7d22\u75c5\u6bd2\u4e00\u6a23\uff0c\u96a8\u8457\u6316\u7926\u7a0b\u5f0f\u8d8a\u4f86\u8d8a\u6210\u719f\uff0c<a 
href=\"https:\/\/www.facebook.com\/trendmicrotaiwan\">\u8da8\u52e2\u79d1\u6280<\/a>\u4e5f\u958b\u59cb\u770b\u5230\u4e00\u4e9b\u5229\u7528\u77e5\u540d\u6f0f\u6d1e\u6216\u5176\u4ed6\u65b9\u6cd5\u4ee5\u7121\u6a94\u6848\u65b9\u5f0f\u5728\u7cfb\u7d71\u690d\u5165\u6316\u7926\u7a0b\u5f0f\u7684\u624b\u6cd5\u3002\u4f8b\u5982\u6839\u64da Coinhive <a href=\"https:\/\/coinhive.com\/#hash-rate\">\u6307\u51fa<\/a>\uff0c\u4e00\u500b\u7db2\u7ad9\u53ea\u8981\u6709 10 \u81f3 20 \u500b\u6d3b\u8e8d\u4e2d\u7684\u6316\u7926\u7a0b\u5f0f\uff0c\u6bcf\u500b\u6708\u5c31\u6709 0.3 \u9580\u7f85\u5e63\u7684\u6536\u5165 (\u6839\u64da 2018 \u5e74 2 \u6708 22 \u65e5\u532f\u7387\u7d04\u5408 97 \u7f8e\u5143)\u3002\u6240\u4ee5\u53ea\u8981\u5efa\u7acb\u4e00\u500b\u9f90\u5927\u7684<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=106\">\u300cBotnet<em>\u5080\u5121<\/em>\u6bad\u5c4d\u7db2\u8def\u300d<\/a>\uff0c\u5c31\u80fd\u7372\u5f97\u53ef\u89c0\u7684\u4e0d\u6cd5\u7372\u5229\u3002<\/p>\n<p>\u4e00\u500b\u4f8b\u5b50\u5c31\u662f\u53bb\u5e74\u6211\u5011\u767c\u73fe\u7684\u4e00\u500b<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=51904\">\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f<\/a>\u6703\u4f7f\u7528 <a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/ms17-010-eternalblue\/\">EternalBlue<\/a> \u6f0f\u6d1e\u653b\u64ca\u6280\u5de7\u4f86\u6563\u5e03\uff0c\u4e26\u5229\u7528 <a href=\"https:\/\/la.trendmicro.com\/media\/misc\/understanding-wmi-malware-research-paper-en.pdf\">Windows Management Instrumentation<\/a> (WMI) \u4f86\u9577\u671f\u6f5b\u4f0f\u5728\u7cfb\u7d71\u4e2d\u3002\u4e8b\u5be6\u4e0a\uff0c\u5c08\u9580\u958b\u63a1\u9580\u7f85\u5e63\u7684 <a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/wannacry-uiwix-ransomware-monero-mining-malware-follow-suit\/\">Adylkuzz<\/a> \u60e1\u610f\u7a0b\u5f0f\u64da\u7a31\u751a\u81f3\u6bd4<a 
href=\"https:\/\/blog.trendmicro.com.tw\/?cat=3220\">WannaCry(\u60f3\u54ed)<\/a>\u52d2\u7d22\u8815\u87f2\u52d2\u7d22\u75c5\u6bd2\u9084\u66f4\u65e9\u4f7f\u7528 EternalBlue\u3002\u53ea\u8981\u7cfb\u7d71\u8207\u7db2\u8def\u4e00\u5929\u4e0d\u4fee\u88dc\uff0c\u5c31\u6709\u6a5f\u6703\u518d\u5ea6\u53d7\u5230\u611f\u67d3\u3002<\/p>\n<blockquote><p><strong>\u300a\u5ef6\u4f38\u95b1\u8b80\u300b<\/strong><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=51904\">\u7121\u6a94\u6848\u75c5\u6bd2\u653b\u64ca: \u65b0\u6578\u4f4d\u8ca8\u5e63\u63a1\u7926\u75c5\u6bd2, \u4e9e\u592a\u5340\u70ba\u91cd\u5ea6\u611f\u67d3\u5340,\u53f0\u7063\u6392\u540d\u7b2c\u4e09<\/a><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>\u5178\u578b\u7684\u7121\u6a94\u6848\u5f0f\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u611f\u67d3\u904e\u7a0b\u5982\u4e0b\u5716\u6240\u793a\uff0c\u57fa\u672c\u4e0a\u5c31\u662f\u76f4\u63a5\u5c07\u60e1\u610f\u7a0b\u5f0f\u78bc\u8f09\u5165\u7cfb\u7d71\u8a18\u61b6\u9ad4\u7576\u4e2d\u3002\u60e1\u610f\u7a0b\u5f0f\u552f\u4e00\u7559\u4e0b\u7684\u611f\u67d3\u75d5\u8de1\u53ea\u6709\uff1a\u4e00\u500b\u60e1\u610f\u7684\u6279\u6b21\u57f7\u884c\u6a94\u3001\u4e00\u500b\u5b89\u88dd\u5230\u7cfb\u7d71\u4e0a\u7684 WMI \u670d\u52d9\uff0c\u4ee5\u53ca\u4e00\u500b PowerShell \u57f7\u884c\u6a94\u3002\u81f3\u65bc\u6563\u5e03\u7684\u65b9\u5f0f\uff0c\u6709\u4e9b\u60e1\u610f\u7a0b\u5f0f\u4f7f\u7528 EternalBlue \u6f0f\u6d1e\u653b\u64ca\u6280\u5de7\uff0c\u6709\u4e9b\u5247\u4f7f\u7528 Mimikatz \u4f86\u8490\u96c6\u4f7f\u7528\u8005\u7684\u767b\u5165\u6191\u8b49\uff0c\u7136\u5f8c\u518d\u767b\u5165\u7cfb\u7d71\uff0c\u4f46\u4e0d\u8ad6\u4f55\u7a2e\u65b9\u5f0f\uff0c\u6700\u5f8c\u90fd\u6703\u5c07\u96fb\u8166\u8b8a\u6210\u5176\u4e2d\u4e00\u500b\u6316\u7926\u7bc0\u9ede\u3002<\/p>\n<p>\u6f0f\u6d1e\u7684\u78ba\u662f\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u9032\u5165\u7cfb\u7d71\u7684\u4e3b\u8981\u7ba1\u9053\u4e4b\u4e00\u3002\u9019\u4e00\u9ede\u5f9e\u6700\u8fd1 <a 
href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/vulnerabilities-apache-couchdb-open-door-monero-miners\/\">Apache CouchDB<\/a> \u8cc7\u6599\u5eab\u7ba1\u7406\u7cfb\u7d71\u906d\u99ed\u5ba2\u8a66\u5716\u5165\u4fb5\u5373\u53ef\u8b49\u660e\u3002<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/tesla-and-jenkins-servers-fall-victim-to-cryptominers\">\u6b64\u5916\uff0c\u9060\u7aef\u5b58\u53d6\u6728\u99ac\u7a0b\u5f0f JenkinsMiner<\/a> \u4e5f\u6703\u6563\u5e03\u9580\u7f85\u5e63\u6316\u7926\u7a0b\u5f0f\uff0c\u4e26\u4e14\u5c08\u9580\u653b\u64ca Jenkins \u4f3a\u670d\u5668\uff0c\u5176\u5e55\u5f8c\u96c6\u5718\u64da\u7a31\u5df2\u958b\u63a1\u5230\u50f9\u503c\u8d85\u904e <a href=\"https:\/\/www.csoonline.com\/article\/3256314\/security\/hackers-exploit-jenkins-servers-make-3-million-by-mining-monero.html\">300 \u842c\u7f8e\u5143<\/a>\u7684\u9580\u7f85\u5e63\u3002<\/p>\n<figure class=\"thumbnail wp-caption alignnone\" style=\"width: 822px\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2018\/02\/cryptocurrency-mining-malware-4.gif\" alt=\"\u5178\u578b\u7684\u7121\u6a94\u6848\u5f0f\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u611f\u67d3\u904e\u7a0b\u3002\" width=\"812\" height=\"570\" \/><figcaption class=\"caption wp-caption-text\">\u5716 4\uff1a\u5178\u578b\u7684\u7121\u6a94\u6848\u5f0f\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u611f\u67d3\u904e\u7a0b\u3002<\/figcaption><\/figure>\n<h4>\u5982\u4f55\u9632\u7bc4\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f?<\/h4>\n<p>\u4e26\u975e\u6240\u6709\u570b\u5bb6\u90fd\u7981\u6b62\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6d41\u901a\uff0c\u81f3\u5c11<a 
href=\"https:\/\/poseidon01.ssrn.com\/delivery.php?ID=991004073021021072095000072102092091096025095076029067119003125024068092005000000072121042119015047112061082120067114004070005119066064011050071075024105119030002099046054032120014086112094029092102030069119096081027088090079127026094006020084066098127&amp;EXT=pdf\">\u67d0\u4e9b\u570b\u5bb6<\/a>\u5df2\u7d93\u958b\u653e\u3002\u9019\u4e9b\u8ca8\u5e63\u5118\u7ba1\u63a1\u7528\u5206\u6563\u5f0f\u67b6\u69cb\uff0c\u4f46\u4ecd\u6709\u4e00\u4e9b\u76e3\u7ba1\u6a5f\u5236\u53ef\u4ee5\u76e3\u7763\u5176\u4ea4\u6613\u7684\u5408\u6cd5\u6027\uff0c\u4e0d\u904e\uff0c\u85c9\u7531\u4e0d\u6cd5\u65b9\u5f0f\u4f86\u958b\u63a1\u9019\u4e9b\u8ca8\u5e63\u5247\u662f\u53e6\u4e00\u56de\u4e8b\u3002<\/p>\n<p>\u96d6\u7136\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u7684\u885d\u64ca\u6216\u8a31\u4e0d\u50cf\u52d2\u7d22\u75c5\u6bd2\u90a3\u9ebc\u5bb9\u6613\u76f4\u63a5\u611f\u53d7\uff0c\u56b4\u91cd\u7a0b\u5ea6\u4e5f\u8f03\u8f15\uff0c\u4f46\u4ecd\u662f\u4e00\u9805\u5a01\u8105\u3002\u53bb\u5e74 12 \u6708\uff0c\u5c08\u9580\u958b\u63a1\u9580\u7f85\u5e63\u7684 Android \u60e1\u610f\u7a0b\u5f0f <a href=\"https:\/\/www.zdnet.com\/article\/this-crypto-mining-android-malware-is-so-demanding-it-burst-a-smartphone\/\">Loapi<\/a> 
\u5373\u8b49\u660e\u9019\u985e\u7a0b\u5f0f\u78ba\u5be6\u6709\u53ef\u80fd\u76f4\u63a5\u640d\u58de\u884c\u52d5\u88dd\u7f6e\u3002<\/p>\n<p>\u7136\u800c\u7db2\u8def\u72af\u7f6a\u96c6\u5718\u770b\u4e0a\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6240\u5e36\u4f86\u7684\u5f71\u97ff\uff0c\u4e26\u975e\u53ea\u6709\u88dd\u7f6e\u7684\u8017\u640d\u6216\u96fb\u529b\u7684\u6d88\u8017\u3002\u9019\u540c\u6642\u4e5f\u610f\u5473\u8457\u96a8\u8457\u79d1\u6280\u65e5\u65b0\u6708\u7570\uff0c\u7db2\u8def\u72af\u7f6a\u5a01\u8105\u4e5f\u6703\u96a8\u4e4b\u6f14\u8b8a\u3002\u5c31\u5982\u540c\u52d2\u7d22\u75c5\u6bd2\u4e00\u6a23\uff0c\u6211\u5011\u9810\u6599\uff0c\u96a8\u8457\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u7684\u9010\u6f38\u666e\u53ca\uff0c\u5b83\u5011\u4e5f\u5c07\u671d\u591a\u5143\u5316\u767c\u5c55\u4e26\u7d93\u7531\u5404\u5f0f\u5404\u6a23\u7684\u624b\u6cd5\u4f86\u611f\u67d3\u7cfb\u7d71\uff0c\u751a\u81f3\u5c07\u53d7\u5bb3\u8005\u8b8a\u6210\u5171\u72af\u7d50\u69cb\u4e4b\u4e00\u3002\u9019\u6b63\u7a81\u986f\u51fa\u7e31\u6df1\u9632\u79a6\u7684\u91cd\u8981\u6027\uff0c\u6b64\u5916\uff0c<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=50380\">\u6700\u4f73\u5be6\u52d9\u539f\u5247\u4ee5\u53ca\u990a\u6210\u826f\u597d\u8cc7\u5b89\u7fd2\u6163<\/a>\u4e0d\u50c5\u5c0d<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/best-practices-securing-sysadmin-tools\">\u4f01\u696d<\/a>\u548c\u4e00\u822c\u4f7f\u7528\u8005\u4f86\u8aaa\u975e\u5e38\u91cd\u8981\uff0c\u5c0d\u65bc<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/internet-things-ecosystem-broken-fix\/\">\u88dd\u7f6e<\/a>\u7684\u8a2d\u8a08\u3001\u88fd\u9020\u5546\u4f86\u8aaa\u4e5f\u540c\u6a23\u91cd\u8981\u3002<\/p>\n<figure class=\"thumbnail wp-caption alignnone\" style=\"width: 1443px\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2018\/02\/cryptocurrency-mining-malware-5.gif\" 
alt=\"\u8da8\u52e2\u79d1\u6280\u89e3\u6c7a\u65b9\u6848\u80fd\u4e3b\u52d5\u9632\u7bc4\u7121\u6a94\u6848\u5f0f\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u3002\" width=\"1433\" height=\"574\" \/><figcaption class=\"caption wp-caption-text\">\u5716 5\uff1a\u8da8\u52e2\u79d1\u6280\u89e3\u6c7a\u65b9\u6848\u80fd\u4e3b\u52d5\u9632\u7bc4\u7121\u6a94\u6848\u5f0f\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u3002<\/figcaption><\/figure>\n<p>\u8da8\u52e2\u79d1\u6280\u7684 <a href=\"https:\/\/t.rend.tw\/?i=NTAyMA\">XGen<\/a>\u5b89\u5168\u9632\u8b77\u878d\u5408\u4e86\u8de8\u4e16\u4ee3\u7684\u5a01\u8105\u9632\u79a6\u6280\u5de7\uff0c\u80fd\u9632\u6b62\u7cfb\u7d71\u611f\u67d3\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u3002\u5b83\u85c9\u7531\u9ad8\u6e96\u5ea6\u7684\u6a5f\u5668\u5b78\u7fd2\u4f86\u4fdd\u8b77<a href=\"https:\/\/www.trendmicro.com\/us\/business\/complete-user-protection\/index.html\">\u9598\u9053<\/a>\u8207<a href=\"https:\/\/www.trendmicro.com\/us\/enterprise\/product-security\/vulnerability-protection\/\">\u7aef\u9ede<\/a>\uff0c\u4e26\u4fdd\u8b77\u5be6\u9ad4\u3001\u865b\u64ec\u53ca\u96f2\u7aef\u5de5\u4f5c\u8ca0\u8f09\u3002XGen&#x2122; \u80fd\u85c9\u7531\u7db2\u7ad9\/\u7db2\u5740\u904e\u6ffe\u3001\u884c\u70ba\u5206\u6790\u53ca\u5ba2\u88fd\u5316\u6c99\u76d2\u6a21\u64ec\u5206\u6790\uff0c\u4f86\u9632\u7bc4\u4eca\u65e5\u91dd\u5c0d\u4f01\u696d\u7684\u5a01\u8105\uff0c\u9019\u4e9b\u5a01\u8105\u4e0d\u50c5\u80fd\u907f\u958b\u50b3\u7d71\u8cc7\u5b89\u9632\u79a6\uff0c\u66f4\u80fd\u5229\u7528\u5df2\u77e5\u3001\u672a\u77e5\u6216\u5c1a\u672a\u516c\u958b\u7684\u6f0f\u6d1e\uff0c\u7aca\u53d6\u500b\u4eba\u8eab\u5206\u8b58\u5225\u8cc7\u8a0a\u6216\u57f7\u884c\u4e0d\u8096\u7684\u6316\u7926\u7a0b\u5f0f\u3002\u8070\u660e\u3001\u6700\u4f73\u5316\u3001\u74b0\u74b0\u76f8\u6263\u7684 XGen&#x2122; \u662f\u8da8\u52e2\u79d1\u6280 <a 
href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/hybrid-cloud\/deep-security-for-cloud.html\">Hybrid Cloud Security<\/a> \u6df7\u5408\u96f2\u9632\u8b77\u3001<a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/user-protection.html\">User Protection<\/a> \u4f7f\u7528\u8005\u9632\u8b77\u4ee5\u53ca <a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/network.html\">Network Defense<\/a> \u7db2\u8def\u9632\u79a6\u7b49\u89e3\u6c7a\u65b9\u6848\u7684\u6280\u8853\u57fa\u790e\u3002<\/p>\n<p>\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/cryptocurrency-mining-malware-2018-new-menace\/\">Cryptocurrency-Mining Malware: 2018\u2019s New Menace?<\/a> \u4f5c\u8005\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/author\/menard-osena\/\">Menard Osena (\u8cc7\u6df1\u7522\u54c1\u7d93\u7406)<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><strong>\u300a\u5ef6\u4f38\u95b1\u8b80 \u300b<\/strong><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=54521\">&lt; \u865b\u64ec\u8ca8\u5e63\u653b\u64ca &gt; \u507d\u88dd\u7375\u4eba\u982d\u516c\u53f8\u7684\u91e3\u9b5a\u90f5\u4ef6,\u9396\u5b9a\u9280\u884c\u9ad8\u968e\u4e3b\u7ba1<\/a><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=54680\">\u201c\u4f60\u7684\u5b57\u578b\u9700\u8981\u66f4\u65b0\u201d \u201c\u95dc\u9589\u7db2\u9801\u5f8c,\u7adf\u9084\u7e7c\u7e8c\u6316\u7926?\u201d \u9019\u4e9b\u9a19\u8853\u8b93\u4f60\u7684\u96fb\u8166\u505a\u725b\u505a\u99ac\u5e6b\u4ed6\u4eba\u8cfa\u5916\u5feb !<\/a><\/p>\n<p><a href=\"https:\/\/t.rend.tw\/?i=NjA0MQ\">\u8da8\u52e2\u79d1\u6280 PC-cillin 2018 \u9632\u6bd2\u8edf\u9ad4\u96f2\u7aef\u7248\u597d\u5f37\u5927\uff01\u8ddf\u5077\u6316\u7926\u3001\u52d2\u7d22\u75c5\u6bd2\u8aaa\u63b0\u63b0<\/a><\/p>\n<p>PC-cillin \u96f2\u7aef\u7248&#x1f534;\u9632\u7bc4\u52d2\u7d22 &#x1f534;\u4fdd\u8b77\u500b\u8cc7 
\u2713\u624b\u6a5f\u2713\u96fb\u8166\u2713\u5e73\u677f\uff0c\u8de8\u5e73\u53f0\u9632\u8b77\uff13\u5230\u4f4d<br \/>\n<a href=\"https:\/\/t.rend.tw\/?i=NjA2MQ\"><img decoding=\"async\" class=\"lazy lazy-loaded\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/08\/Windows10Banner-540x90v5.gif\" data-lazy-type=\"image\" data-lazy-src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/08\/Windows10Banner-540x90v5.gif\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u865b\u64ec\u8ca8\u5e63\u6316\u7926\u60e1\u610f\u7a0b\u5f0f\u6703\u4e0d\u6703\u6210\u70ba\u4e0b\u4e00\u500b\u52d2\u7d22\u75c5\u6bd2\uff1f\u96a8\u8457\u52a0\u5bc6\u865b\u64ec\u8ca8\u5e63\u5728\u771f\u5be6\u4e16\u754c\u9010\u6f38\u6d41\u884c\u4e14\u6f38\u5f62\u91cd\u8981\uff0c\u9019\u985e\u8ca8\u5e63\u5728\u7db2\u8def\u72af\u7f6a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[3373,3603,3647],"tags":[3575,3563,3723],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/54852"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"htt
ps:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=54852"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/54852\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=54852"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=54852"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=54852"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}