Tojsiab
Rockstar Games-tus tsim tawm ntawm Grand Theft Auto series nrov ntawm kev ua si video-yog hacked tsuas yog ob hnub tom qab caij tsheb loj heev Uber cov servers tau tsom mus rau qhov ua txhaum cai zoo sib xws, qhia los ntawm tib tus neeg nyiag nkas uas siv cov txheej txheem hu ua social engineering, hom kev tawm tsam zoo heev uas tso siab rau kev dag ntxias cov neeg ua haujlwm ntawm lub tuam txhab phiaj xwm thiab tuaj yeem nyuaj rau kev tiv thaiv. tawm tsam.
Ib tus tub ntxhais hluas hacker tau liam tias tau ua txhaum cov ntaub ntawv sab hauv ntawm Rockstar Games thiab xau … [+]
AFP ntawm Getty Dluab
Cov Lus Tseem Ceeb
Zoo ib yam li cov Uber hack, tus hacker uas mus los ntawm lub npe "TeaPot" liam tias nws tau nkag mus rau Rockstar Games 'cov lus sab hauv ntawm Slack thiab cov cai ntxov rau lawv qhov tsis tau tshaj tawm Grand Theft Auto sequel los ntawm nkag mus rau tus neeg ua haujlwm tus ID nkag mus daim ntawv pov thawj.
Thaum cov ntsiab lus tseeb ntawm Rockstar ua txhaum cai tsis meej, hauv Uber qhov xwm txheej tus neeg nyiag khoom thov nws masqueraded ua ib lub tuam txhab IT neeg thiab ntxias ib tug neeg ua hauj lwm qhia lawv tus ID nkag mus daim ntawv pov thawj.
Tsis zoo li lwm hom kev tawm tsam uas tso siab rau qhov tsis zoo hauv lub tuam txhab kev ruaj ntseg architecture, social engineering tsom rau tib neeg thiab tso siab rau kev tswj hwm thiab kev dag ntxias.
Kws txawj sib cav sib ceg tias tib neeg tseem nyob hauv "kev sib txuas tsis muaj zog tshaj plaws" hauv cybersecurity vim lawv tuaj yeem raug ntxias tau yooj yim los nyem rau ntawm qhov tsis zoo los yog qhia lawv cov ntawv pov thawj nkag.
Tsis zoo li lwm txoj hauv kev, social engineering kuj tseem muaj txiaj ntsig hauv kev kov yeej qee yam kev txhim kho kev ntsuas kev ruaj ntseg zoo li ib-lub sij hawm passwords thiab lwm yam multifactor authentication txoj kev.
Kev Nkag Siab Hais
Rachel Tobac, CEO ntawm cybersecurity firm SocialProof Security thiab tus kws tshaj lij ntawm social engineering tweeted: “Qhov tseeb nyuaj yog tias feem ntau [cov koom haum]
nyob rau hauv lub ntiaj teb no yuav raug hacked raws li qhov tseeb Uber tsuas yog hacked…Ntau [cov koom haum] tseem tsis siv [Multi Factor Authentication] nyob rau hauv… intruder nkag mus rau hauv). "
Tus Keeb Kwm Tseem Ceeb
Social engineering tau siv los ua ntau qhov kev tshaj lij hacks hauv xyoo tas los no, suav nrog txhoj puab ntawm ntau dua 100 tus account Twitter tseem ceeb - ntawm lawv Elon Musk, yav dhau los Thawj Tswj Hwm Barack Obama, Bill Gates thiab Kanye West - uas tau siv los txhawb kev dag ntxias bitcoin. Cov hacks tau ua los ntawm cov tub ntxhais hluas uas tau tswj kom nkag mus rau Twitter lub network sab hauv los ntawm kev tsom mus rau "cov neeg ua haujlwm tsawg" raws li lub tuam txhab social media. Lub hli tas los, ob qho tib si Cloudflare thiab Twilio kuj tau tsom mus rau hauv hom kev tawm tsam kev sib raug zoo hu ua "phishing" uas cov neeg ua haujlwm raug ntxias kom qhib cov lus uas tau zais kom tshwm sim raws li kev sib txuas lus hauv tuam txhab raug cai tab sis suav nrog kev sib txuas tsis zoo. Twilio, uas muab kev xa xov thiab ob qhov kev lees paub qhov tseeb, qhia tawm tias cov hackers tau tswj kom ua txhaum lub tuam txhab cov ntaub ntawv sab hauv thiab tau txais kev nkag mus rau cov neeg siv nyiaj tsis tau tshaj tawm. Cloudflare, ib qho kev xa khoom hauv online, sau tseg cov hackers tsis tuaj yeem nkag mus rau nws lub network sab hauv.
Contra
Tsis zoo li Twilio, Uber thiab Rockstar, uas muaj lawv cov kev ua txhaum cai sab hauv, Cloudflare tau tswj kom tsis txhob muaj txoj hmoo vim nws siv. hardware-based security keys. Tsis zoo li lwm yam kev lees paub ntau yam xws li cov ntawv xov xwm thiab cov passwords ib zaug, cov yuam sij kho vajtse muaj kev nyab xeeb ntau dua rau kev tawm tsam kev sib raug zoo. Ib tus neeg ua haujlwm raug teeb tsa tuaj yeem raug dag kom sib qhia cov ntsiab lus ntawm cov ntawv xov xwm lossis tus password ib zaug tab sis tus neeg nyiag nkag yuav tsum tau txais lub cev muaj tus yuam sij kho vajtse kom nkag mus rau tus account. Kho vajtse ruaj ntseg yuam sij tuaj nyob rau hauv ntau yam ntaub ntawv xws li USB sticks los yog Bluetooth dongles thiab lawv yuav tsum tau ntsaws rau hauv los yog txuas nrog ib tug ntaus ntawv uas yog sim kom nkag tau mus rau ib tug tiv thaiv account. Hackers uas tau txais kev nkag mus rau cov neeg ua haujlwm daim ntawv pov thawj yuav tsis tuaj yeem nkag mus rau lawv cov nyiaj uas siv daim ntawv pov thawj no yam tsis muaj lub cev nkag mus rau lawv cov yuam sij. Hauv 2018, Google tshaj tawm tias tsis muaj ib qho ntawm nws 85,000 tau ua tiav lub hom phiaj los ntawm kev tawm tsam phishing tom qab nws tau yuam kom siv cov yuam sij kev nyab xeeb lub cev ib xyoos dhau los.
Tus lej Loj
323,972 ib. Qhov ntawd yog tag nrho cov kev tsis txaus siab ntawm social engineering kev tawm tsam tau txais los ntawm FBI hauv 2021 - yuav luag peb npaug ntau dua li qhov nws nyob hauv 2019 - raws li lub koom haum txhua xyoo. Internet Kev Ua Phem Txhaum Cai. Thaum lub sijhawm no, hackers tswj tau nyiag tag nrho ntawm $ 2.4 nphom los ntawm kev cuam tshuam kev lag luam email account los ntawm social engineering cov txheej txheem.
Dab Tsi Los Saib
Bloomberg's Jason Schreier tau kwv yees qhov tsis ntev los no hack yuav ua rau Rockstar mus qhov chaw txwv ntawm kev ua haujlwm nyob deb. Cov kws tshaj lij cybersecurity muaj yav dhau los sib cav tias kev ua haujlwm nyob deb yuav xav tau kev ceev faj ntxiv vim nws ua rau cov neeg ua haujlwm muaj kev cuam tshuam ntau dua rau kev tawm tsam social engineering.
ntxiv nyeem ntawv
Uber hais tias nws tau teb rau 'Cybersecurity Incident' Tom qab liam Hack ntawm Internal Databases (Forbes)
Uber Hacker thov kom muaj Hacked Rockstar Games, tso GTA 6 cov yeeb yaj kiab (Forbes)
FBI Probes Uber & GTA 6 Hacks, UK Cov Hluas Extortion Gang Leader Suspected (Forbes)
Tau qhov twg los: https://www.forbes.com/sites/siladityaray/2022/09/20/social-engineering-how-a-teen-hacker-allegedly-managed-to-breach-both-uber-and-rockstar- ua si/