Crimson Collective thov kom muaj hacked Nintendo: lub tuam txhab tsis kam lees nws thiab ntxiv dag zog rau nws txoj kev ruaj ntseg

Pawg neeg Crimson Collective hais tias tau tawg rau hauv Nintendo systems, nyob rau hauv ib ntu uas ib zaug ntxiv tso lub tsom teeb rau ntawm kev tiv thaiv digital ntawm cov tuam txhab thev naus laus zis lojKev saib xyuas yog tsom mus rau qhov kev iab liam kev tawm tsam thiab kev tshuaj xyuas ntawm cov pov thawj tso tawm, thaum lub ntsiab lus tseem ceeb tshwj xeeb rau kev lag luam cybersecurity.

Kev ceeb toom Nws tau nrov tom qab luam tawm ntawm X (yav tas los Twitter) amplified los ntawm Hackmanac, qhov twg tau qhia capture ntawm tsob ntoo directory (uas koj tuaj yeem pom hauv daim duab hauv qab no) ntawm qhov tshwm sim hauv Nintendo cov peev txheej, nrog rau cov ntaub ntawv xws li "Cov ntaub ntawv thaub qab", "Dev Builds" lossis "Production Assets". Nintendo tsis lees paub qhov kev tawm tsam no thiab kev pov thawj ywj pheej ntawm cov pov thawj ntawd tseem tab tom ua thiab, raws li niaj zaus, qhov tseeb ntawm cov ntaub ntawv raug soj ntsuam nrog ceev faj.

Case timeline thiab official status

Raws li cov ntaub ntawv pov thawj tau sau tseg, qhov kev thov no tau nthuav tawm thawj zaug ntawm kev xa xov thiab kev tshaj xov xwm, nrog Crimson Collective sib koom. ib nrab kev xeem nkag thiab nws cov lus hais txog kev dag ntxias. Cov pab pawg, uas feem ntau ua haujlwm hauv Telegram, feem ntau qhia cov npe ntawm cov folders lossis screenshots los txhawb kev ntseeg siab ntawm nws cov lus tshaj tawm ua ntej sib tham nrog cov neeg raug tsim txom.

Hauv kev hloov tshiab tom qab, Nintendo tsis lees paub meej muaj qhov ua txhaum cai uas cuam tshuam rau tus kheej, kev lag luam, lossis cov ntaub ntawv kev loj hlob. Hauv cov lus tshaj tawm rau Japanese xov xwm tshaj tawm Sankei Shimbun hnub tim 15 Lub Kaum Hli, lub tuam txhab tau hais tias tsis muaj pov thawj ntawm kev nkag mus tob rau nws cov kab ke; tib lub sijhawm, nws tau hais tias qee qhov web servers ntsig txog koj nplooj ntawv yuav tau qhia qhov xwm txheej, tsis muaj kev lees paub cuam tshuam rau cov neeg siv khoom lossis ib puag ncig sab hauv.

Leej twg yog Crimson Collective thiab nws ua haujlwm li cas?

Crimson Collective tau txais lub npe nrov rau lub hom phiaj nws kev tawm tsam ntawm cov tuam txhab technology, software thiab telecommunications. Nws cov qauv rov ua dua feem ntau sib txuas cov kev tshawb fawb lub hom phiaj, tawg mus rau hauv ib puag ncig tsis zoo, thiab tom qab ntawd luam tawm cov pov thawj txwv rau kev ntxhov siab. Feem ntau, cov collective exploits nthuav tawm cov ntaub ntawv pov thawj, huab configuration yuam kev thiab vulnerabilities hauv web applications, kom tshaj tawm kev lag luam lossis xov xwm xav tau.

Kev tshawb fawb tsis ntev los no piav qhia txog huab-txuas mus kom ze: Attackers yog trawling repositories thiab qhib qhov chaw rau cov yawm sij thiab tokens leaked siv cov cuab yeej qhib. tsom mus nrhiav "kev zais cia".

Thaum lawv pom ib tug siv tau vector, Lawv sim tsim kom muaj kev pheej hmoo thiab nce cov cai ntawm huab platforms (piv txwv li, nrog ephemeral tus kheej thiab kev tso cai), nrog rau aim kom exfiltrate cov ntaub ntawv thiab kev nkag tau nyiajCov chaw zov me nyuam zoo li AWS pom zoo cov ntawv pov thawj luv luv, txoj cai ntawm txoj cai tsawg kawg nkaus, thiab kev tso cai txuas ntxiv tshuaj xyuas raws li kab ntawm kev tiv thaiv.

Cov xwm txheej tsis ntev los no tau raug ntaus nqi rau pab pawg

Hauv lub hlis tsis ntev los no, kev tawm tsam raug ntaus nqi rau Crimson Collective suav nrog cov hom phiaj siabRooj plaub ntawm Red Hat sawv tawm, ntawm qhov ntawd Cov pab pawg tau lees tias tau nyiag txog 570 GB ntawm cov ntaub ntawv los ntawm ib puag ncig 28.000 qhov chaw cia khoom sab hauv.. Lawv kuj tau txuas nrog Nintendo site defacement Thaum kawg ntawm lub Cuaj Hli, twb tau muaj kev tawm tsam tawm tsam cov tuam txhab kev sib txuas lus hauv cheeb tsam.

• Lub kaus mom liab: loj extraction ntawm cov ntaub ntawv sab hauv los ntawm nws ecosystem ntawm private tej yaam num.
• Kev sib txuas lus (piv txwv li, Claro Colombia): phiaj xwm nrog extortion thiab xaiv luam tawm pov thawj.
• Nintendo Nplooj ntawv: kev hloov kho tsis raug cai ntawm qhov chaw nyob rau thaum xaus lub Cuaj Hli, ntaus nqi rau tib pab pawg.

Kev cuam tshuam thiab muaj peev xwm txaus ntshai

Yog tias qhov kev cuam tshuam zoo li no yuav raug lees paub, nkag mus rau cov ntaub ntawv thaub qab thiab cov ntaub ntawv txhim kho tuaj yeem nthuav tawm cov cuab yeej tseem ceeb hauv cov saw hlau tsim khoom: Cov ntaub ntawv sab hauv, cov cuab yeej, cov ntsiab lus raug tsim, lossis cov ntaub ntawv hauv vaj tse. Qhov no qhib qhov rooj rau thim rov qab engineering, exploitation ntawm vulnerabilities thiab, nyob rau hauv cov xwm txheej heev, rau piracy los yog tsis muaj kev sib tw kom zoo dua.

Tsis tas li ntawd, kev nkag mus rau cov yuam sij sab hauv, tokens lossis daim ntawv pov thawj yuav pab txhawb kev txav mus rau lwm qhov chaw lossis chaw muab kev pabcuam, nrog rau ua tau domino nyhuv hauv cov khoom sivNtawm lub koob npe nrov thiab kev tswj hwm, qhov cuam tshuam yuav nyob ntawm qhov tseeb ntawm qhov raug thiab qhov xwm txheej ntawm cov ntaub ntawv uas yuav raug cuam tshuam.

Kev cia siab teb thiab kev coj ua zoo hauv kev lag luam

Nyob rau ntawm qhov xwm txheej zoo li no, Qhov tseem ceeb tshaj plaws yog kom muaj thiab tshem tawm kev nkag mus tsis tau tso cai, qhib kev tshawb nrhiav forensic thiab ntxiv dag zog rau tus kheej thiab kev tswj xyuas kev nkag.Nws tseem yog qhov tseem ceeb rau kev tshuaj xyuas huab kev teeb tsa, tshem tawm cov vectors nres, thiab siv telemetry txhawm rau txheeb xyuas cov haujlwm tsis zoo uas yuav qhia tau tias muaj kev tawm tsam tsis tu ncua.

• Kev ntim khoom tam sim: Tshem tawm cov kab ke cuam tshuam, lov tes taw cov ntaub ntawv pov thawj, thiab thaiv txoj kev tawm mus.
• Forensic audit: rov tsim kho lub sijhawm, txheeb xyuas cov vectors thiab sib sau ua pov thawj rau cov pab pawg thiab cov tub ceev xwm.
• Access hardening: Kev sib hloov ntawm qhov tseem ceeb, yuav tsum tau MFA, tsawg kawg yog tsim nyog, thiab kev sib cais hauv lub network.
• Regulatory transparency: Qhia rau cov koom haum thiab cov neeg siv thaum tsim nyog, nrog cov lus qhia meej los txhim kho kev ruaj ntseg ntawm tus kheej.

Nrog rau Nintendo qhov tsis lees paub hais txog qhov sib txawv, Lub hom phiaj hloov mus rau kev txheeb xyuas cov ntaub ntawv pov thawj los ntawm Crimson CollectiveHav, qhov kev txhawb zog ntawm kev tswj kom tsis txhob muaj kev ntshai ntxiv. Yog tsis muaj pov thawj tseeb, Qhov kev ua tau zoo yog ua kom ceev faj, ntxiv dag zog rau huab teeb tsa, thiab ntxiv dag zog rau kev sib koom tes nrog pab pawg teb thiab cov neeg muag khoom., raws li cov pab pawg twb tau pom muaj peev xwm los siv cov ntaub ntawv pov thawj thiab kev teeb tsa tsis raug ntawm qhov loj.

Tsab xov xwm cuam tshuam:

Yuav ua li cas tiv thaiv koj lub PC los ntawm pom tsis pom malware zoo li XWorm thiab NotDoor

Alberto Navarro

Kuv yog ib tus neeg nyiam siv thev naus laus zis uas tau hloov nws txoj kev nyiam "geek" rau hauv txoj haujlwm. Kuv tau siv ntau tshaj 10 xyoo ntawm kuv lub neej siv cov cuab yeej siv thev naus laus zis thiab tinkering nrog txhua yam kev pab cuam tawm ntawm kev xav paub dawb huv. Tam sim no kuv tau tshwj xeeb hauv computer technology thiab video games. Qhov no yog vim ntau tshaj 5 xyoo kuv tau sau rau ntau lub vev xaib ntawm kev siv tshuab thiab kev ua si video, tsim cov ntawv uas nrhiav kom muab cov ntaub ntawv koj xav tau hauv hom lus uas txhua tus neeg nkag siab.

Yog tias koj muaj lus nug, kuv qhov kev paub yog los ntawm txhua yam ntsig txog Windows operating system nrog rau Android rau cov xov tooj ntawm tes. Thiab kuv txoj kev cog lus yog rau koj, Kuv ib txwm kam siv ob peb feeb thiab pab koj daws cov lus nug uas koj muaj nyob hauv lub ntiaj teb no hauv internet.