[{"@context":"https:\/\/schema.org\/","@type":"Article","@id":"https:\/\/www.ecr-cz.cz\/novorocni-utocnik\/#Article","mainEntityOfPage":"https:\/\/www.ecr-cz.cz\/novorocni-utocnik\/","headline":"New Year's Attacker","name":"New Year's Attacker","description":"You might say that there have been heaps of such viruses already and that it has always been manageable somehow. After all, a computer is full of software that may have a weak","datePublished":"2023-05-17","dateModified":"2023-05-17","author":{"@type":"Person","@id":"https:\/\/www.ecr-cz.cz\/author\/devene\/#Person","name":"devene","url":"https:\/\/www.ecr-cz.cz\/author\/devene\/","identifier":1,"image":{"@type":"ImageObject","@id":"https:\/\/secure.gravatar.com\/avatar\/69bd9b72104e3ccfb6214cbd23cb226f96c6ecf33a2a351fa1d4682235118df3?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/69bd9b72104e3ccfb6214cbd23cb226f96c6ecf33a2a351fa1d4682235118df3?s=96&d=mm&r=g","height":96,"width":96}},"publisher":{"@type":"Organization","name":"ecr-cz.cz","logo":{"@type":"ImageObject","@id":"\/logo.png","url":"\/logo.png","width":600,"height":60}},"image":{"@type":"ImageObject","@id":"https:\/\/www.ecr-cz.cz\/wp-content\/uploads\/img_a334271_w2729_t1547927186.png","url":"https:\/\/www.ecr-cz.cz\/wp-content\/uploads\/img_a334271_w2729_t1547927186.png","height":0,"width":0},"url":"https:\/\/www.ecr-cz.cz\/novorocni-utocnik\/","wordCount":411,"articleBody":"You might say that there have been heaps of such viruses already and that it has always been manageable somehow. After all, a computer is full of software that may have a weak spot somewhere, and the pirates found it. The virus was caught, deleted, and that was that. Well, this time it is something entirely different and entirely new. 
This malware has one peculiarity that ranks it among the worst beasts that can attack a computer. It does not settle in software, and even less so in the computer as such. Not at all. It settles directly in the firmware, and that is practically the end. This persistent rootkit was given the name Lojax. There is, you see, software called Lojack, which is meant to prevent the theft of your computer. The virus reaches you through a phishing e-mail and settles right in the BIOS. It then attacks the UEFI drivers. UEFI is a newer version of the earlier standard. And that is where it actually begins its work. UEFI has its own additional drivers, which say what is to be done when your machine starts. It is probably the very first malware able to slip a rootkit into UEFI unobtrusively. Protection? So far the situation is very bad. Practically none, other than rewriting the entire firmware. The virus is hard to find and even harder to remove. It was reported that it cannot \u201cget onto\u201d disks encrypted with BitLocker, but if the authors learned of this, they could surely already have modified it so that this is no problem. There has been much speculation about the authors. Allegedly it was the Russian secret services, but nobody has confirmed it. It is reportedly used by the hacking group Fancy Bear, or Sednit. 
But here too nothing has been officially confirmed, which is more or less understandable. Finally, a little for laypeople, namely how to avoid this beast. As I mentioned, it can reach you through phishing, so never click on exe files or on attachments in e-mails that you distrust even slightly. Better not to open such e-mails at all and throw them straight into the trash. All that remains is to wish that you never encounter this attacker at all."},{"@context":"https:\/\/schema.org\/","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"New Year's Attacker","item":"https:\/\/www.ecr-cz.cz\/novorocni-utocnik\/#breadcrumbitem"}]}]