BianLian ransomware gang swaps encryption for extortion • The Register

The BianLian cybercrime gang is abandoning the encrypt-and-demand-ransom route and instead going for pure extortion.

Cybersecurity company Avast released a free decryptor for BianLian victims in January, apparently convincing the criminals that there was no future for them on the ransomware side of the business and that straightforward extortion was the way to go.

"Rather than following the typical double-extortion model of encrypting files and threatening to leak data, we have increasingly observed BianLian choosing to forgo encrypting victims' data and instead focus on convincing victims to pay solely on the basis of an extortion demand in return for BianLian's silence," threat researchers at cybersecurity firm Redacted wrote in a report.

A growing number of ransomware groups are shifting to rely more heavily on extortion than on data encryption. However, it appears that the impetus for this gang was the Avast tool.

When the security shop released the decryptor, the BianLian group, in a message on its leak site, boasted that it generated unique keys for each victim, that Avast's decryption tool was based on a malware build from summer 2022, and that it would fatally corrupt files encrypted by other builds.

The message has since been taken down, and BianLian has changed some of its tactics. That includes not only moving away from ransoming data, but also how the attackers post masked details of victims to their leak site as proof that they hold the data, in the hope of further pressuring victims to pay.

Masking victim details

That tactic was already in their arsenal before the decryptor tool became available, but "the group's use of this technique exploded after the tool's release," wrote Redacted researchers Lauren Fievisohn, Brad Pittack, and Danny Quist, director of special projects.

Between July 2022 and mid-January, BianLian posted masked details for about 16 percent of the postings on the group's leak site. In the two months since the decryptor was released, masked victim details appeared in 53 percent of postings. They also found that masked details hit the leak site much faster, sometimes within 48 hours of the compromise.

The group is also doing its research and increasingly tailoring its messages to victims to raise the pressure on organizations. Some messages refer to the legal and regulatory issues that organizations face if a data breach becomes public, and the laws referenced appear to correspond to the victim's location.

"With this shift in tactics, a more reliable leak site, and an increase in the speed of leaking victim data, it appears that BianLian's prior issues with handling the business side of a ransomware campaign have been addressed," the researchers wrote. "Unfortunately, this improvement in their business acumen is likely the result of gaining more experience through successful compromises of victim organizations."

A growing presence

The BianLian gang entered the scene in July 2022 and quickly established itself as a rapidly emerging threat, particularly in industries such as healthcare (14 percent, the sector hit hardest by the group), education and engineering (both 11 percent), and IT (9 percent). According to Redacted, as of March 13 the criminals had 118 victims listed on their leak site.

About 71 percent of those victims are in the US.

The malware is written in Go, one of the newer languages, like Rust, that cybercriminals are adopting to evade detection, bypass endpoint protection tools, and run many computations at the same time.

Despite changing some of its tactics, BianLian has not changed much when it comes to initial access and lateral movement through the victim's network. There have been tweaks to the custom Go-based backdoor, but its core functionality remains the same, the report found.

Redacted, which has tracked BianLian since last year, also sees a strong correlation between deployment of the backdoor and the command-and-control (C2) server, indicating that "by the time a BianLian C2 is discovered, it is likely that the group has already established a solid foothold in the victim's network," the researchers wrote.

The threat group brings roughly 30 new C2 servers online each month, and each C2 remains online for about two weeks.

As for who BianLian is, the Redacted researchers wrote that they "have a working theory based on some promising indicators," but that they were not yet ready to say definitively. ®