This post was originally published by Oliver Sild on Medium and reposted here with his permission. If you like it, why not go over there and give him some ❤️?


You are an entrepreneur, manager or marketing pro responsible for a company website that is simply meant as a digital business card: it introduces the company, its services, and the latest news. It doesn't contain any state secrets, right? So why do they keep hacking it?

Making money (a lot of money).

Yes, even a small website hack can generate a substantial amount of money. Cyber criminals can make money with your compromised website by distributing malware, SEO spam, and even set up e-mail spam servers and phishing sites. Money is obviously the most common motivation behind the attacks.


SEO Spam

Screenshot of a pharma-scam from an infected website.


This type of spam makes a lot of money. Injecting backlinks and spam into legitimate sites remains one of the most profitable and popular types of website attacks.

After the website has been compromised, a malicious backdoor is uploaded to the site, giving the attacker the ability to invisibly redirect your visitors to their scam sites whenever they want.


Apart from generating money for the hacker, your website gets a penalty from search engines, which will ruin your SEO.


The scam has been traced back to organized crime syndicates operating in what is estimated to be a 431 billion dollar, and growing, market. Its scale, and the danger counterfeit drugs pose to the public health, prompted repeat action from FDA, Interpol, among others. — Incapsula


Malware

Malware sample from a hacked website.


It’s possible to have your operating system, browser, plugins, and applications exposed to exploits looking for vulnerabilities just by visiting an unsafe website. SophosLabs sees tens of thousands of new URLs every day containing drive-by downloads. — SophosLabs

Yes, it’s the worst-case scenario, but your website can be used to infect visitors with ransomware. Between 2014 and 2016 over 100,000 WordPress and Joomla! sites were redirecting visitors to the Neutrino Exploit Kit, which tried to penetrate the browser on the visitor’s computer and, when it succeeded, infected the operating system with CryptXXX ransomware.

It’s also a billion dollar market:


It’s growing, too: according to the latest volume of the Internet Security Threat Report:


$1,077 = Average amount of money demanded per person in 2016

$294 = Average amount of money demanded per person in 2015

There are many other ways to make money with malware. For example, hacked websites can be connected into a large botnet, which then can be used to provide a DDoS service to attack other sites and web services.


And Then There Are These Guys…

Angry penguin on a Russian website.


Vandals, script kiddies and defacers test their skills, love to show them off on hacking forums, and compete for the fanciest defacement. Luckily, these kinds of attacks are usually the easiest to detect and fix.

You can find defaced websites on mirror sites, where defacers actively post their new victims.


Here’s the reality! Do you know what they all have in common?

Attacks are automated! This is a critical point, because there is a common misconception about how attacks are actually executed.

Here’s an Example of How Your Website Gets Hacked:

A hacker with evil intentions begins by making a list of targets by country and by a special kind of fingerprinting (Google dorking). He can use Google (automated tools are available) to find every website in the Czech Republic that still has the default WordPress page “Hello World”, with a query like this: inurl:/hello-world/. See for yourself.

Now, with a list of over 5,000 WordPress sites, there are many possibilities. He could start fingerprinting specific vulnerable (outdated) software (automated) and try to brute-force the admin account with different username and password combinations (also automated). At this step he can already have access to a lot of sites, since most sites are not updated frequently and lack basic security measures.

As the last step, it’s all about infecting and using the site as the attacker wishes (khm.. also automated).
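The brute-force step above is the one a site owner can most easily catch, because every automated login attempt leaves a line in the web server's access log. The script below is an added example, not code from Oliver Sild's post: it parses combined-format access log lines, counts POST requests to /wp-login.php per client address, and flags any address that makes more than a threshold of attempts within a sliding time window. The log lines are constructed for the example; the threshold, window length and the assumption that a failed WordPress login re-renders the form with HTTP 200 (while a successful one redirects with 302) are the example's own choices.

```python
"""Added example: flag automated brute-force attempts against the WordPress
login page in combined-format access logs (not code from the original article).

Assumptions made here: logs use the Apache/nginx "combined" format, and login
attempts appear as POST /wp-login.php; a failed login typically answers 200
(form re-rendered) while a successful one answers 302 (redirect).
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined log format: ip ident user [time] "METHOD path proto" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"$'
)
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Constructed sample: one real visitor (203.0.113.5) who fails once and then
# logs in, and one automated client (198.51.100.23) hammering the login form.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Mar/2017:10:00:00 +0000] "GET /wp-login.php HTTP/1.1" 200 2471 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Mar/2017:10:00:20 +0000] "POST /wp-login.php HTTP/1.1" 200 2471 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Mar/2017:10:00:45 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Mar/2017:10:01:00 +0000] "POST /wp-login.php HTTP/1.1" 200 2471 "-" "python-requests/2.13"',
    '198.51.100.23 - - [10/Mar/2017:10:01:01 +0000] "POST /wp-login.php HTTP/1.1" 200 2471 "-" "python-requests/2.13"',
    '198.51.100.23 - - [10/Mar/2017:10:01:02 +0000] "POST /wp-login.php HTTP/1.1" 200 2471 "-" "python-requests/2.13"',
    '198.51.100.23 - - [10/Mar/2017:10:01:03 +0000] "POST /wp-login.php HTTP/1.1" 200 2471 "-" "python-requests/2.13"',
    '198.51.100.23 - - [10/Mar/2017:10:01:04 +0000] "POST /wp-login.php HTTP/1.1" 200 2471 "-" "python-requests/2.13"',
    '198.51.100.23 - - [10/Mar/2017:10:01:05 +0000] "POST /wp-login.php HTTP/1.1" 200 2471 "-" "python-requests/2.13"',
    '198.51.100.23 - - [10/Mar/2017:10:01:06 +0000] "GET /hello-world/ HTTP/1.1" 200 5120 "-" "python-requests/2.13"',
    'this line is deliberately malformed and must be skipped',
]


def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec["time"], TIME_FMT)
    rec["status"] = int(rec["status"])
    return rec


def find_bruteforce(lines, threshold=5, window=timedelta(minutes=5)):
    """Return {ip: max_attempts_in_window} for every client that made at least
    `threshold` failed login POSTs inside any window of length `window`."""
    failed = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # malformed line: skip rather than crash the whole scan
        if rec["method"] == "POST" and rec["path"].startswith("/wp-login.php") and rec["status"] == 200:
            failed[rec["ip"]].append(rec["time"])

    flagged = {}
    for ip, times in failed.items():
        times.sort()
        start, best = 0, 0
        # Sliding window: advance `start` until the window fits, track the densest run.
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[ip] = best
    return flagged


if __name__ == "__main__":
    for ip, n in find_bruteforce(SAMPLE_LOG).items():
        print(f"{ip}: {n} failed login attempts within 5 minutes")
```

Run against real logs by feeding the file's lines to `find_bruteforce`; flagged addresses are candidates for rate limiting or blocking at the web server or firewall, and a persistent stream of such hits from many different addresses is the "automated attack" pattern the article describes rather than a single curious user.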


Everything Is Automated – the Attacker Might Have Hacked Your Website without Ever Visiting the Site or Seeing It with Their Own Eyes.

And yes, you should worry about it! Keep in mind that, just like abandoned buildings get freaky graffiti and tags in dark corners — it’s only a matter of time before your website gets defaced and infected with malware if you don’t have basic maintenance, security measures and proper monitoring in place.

Ok, ok.. But how big is the problem?

To find out, who better to ask than Google about what’s going on on the web?

Here’s what Google released on their blog at the end of March 2017:


We’ve seen an increase in the number of hacked sites by approximately 32% in 2016 compared to 2015. We don’t expect this trend to slow down. —Google


Since there is almost a 1/3 chance that your website is running on WordPress, you should already know that 2017 didn’t even start on a positive note. Even WiFi routers can hack your website.

I won’t get into a lot of statistics here, but if you have a WordPress site, you can get some tips from my previous article.


Your website is the face of your company on the web, protect it!


