{"id":105906,"date":"2020-04-05T23:54:31","date_gmt":"2020-04-06T06:54:31","guid":{"rendered":"https:\/\/unit42.paloaltonetworks.com\/?p=105906"},"modified":"2020-04-05T23:54:31","modified_gmt":"2020-04-06T06:54:31","slug":"new-hoaxcalls-ddos-botnet","status":"publish","type":"post","link":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/","title":{"rendered":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8"},"content":{"rendered":"<div class=\"article__content pb-30\">\n<h2>\u6982\u8981<\/h2>\n<p>3\u6708\u306b<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-8515\">CVE-2020-8515<\/a> \u306e\u6982\u5ff5\u5b9f\u8a3c\uff08PoC\uff09\u30b3\u30fc\u30c9\u304c\u4e00\u822c\u516c\u958b\u3055\u308c\u305f\u3068\u305f\u3093\u3001\u540c\u8106\u5f31\u6027\u306f\u65b0\u305f\u306aDDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u62e1\u5927\u306e\u305f\u3081\u306b\u60aa\u7528\u3055\u308c\u306f\u3058\u3081\u307e\u3057\u305f\u3002\u3055\u3089\u306b\u5206\u6790\u3057\u305f\u7d50\u679c\u3001\u540c\u30de\u30eb\u30a6\u30a7\u30a2\u306f\u8106\u5f31\u6027<a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-5722\">CVE-2020-5722<\/a>\u3082\u5229\u7528\u3057\u3066\u62e1\u5927\u3059\u308b\u3053\u3068\u304c\u308f\u304b\u3063\u3066\u3044\u307e\u3059\u30022020\u5e743\u670831\u65e5\u4ee5\u964d\u3001\u672c\u7a3f\u57f7\u7b46\u6b21\u70b9\u3067\u691c\u51fa\u3055\u308c\u305f\u653b\u6483\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u6570\u306f2\u500d\u306b\u306a\u3063\u3066\u304a\u308a\u3001\u591a\u304f\u306eGrandstream UCM6200\u3001Draytek Vigor\u30c7\u30d0\u30a4\u30b9\u304c\u611f\u67d3\u3057\u3066\u3044\u308b\u304b\u3001\u6d3b\u767a\u306b\u653b\u6483\u3092\u53d7\u3051\u3066\u3044\u308b\u72b6\u6cc1\u3068\u306a\u3063\u3066\u3044\u308b\u3088\u3046\u3067\u3059\u3002\u79c1\u305f\u3061\u306f\u3053\u306e\u554f\u984c\u306b\u3064\u3044\u3066\u5553\u8499\u3057\u3001\u4fee\u5fa9\u3092\u4fc3\u3059\u305f\u3081\u3001\u8abf\u67fb\u4e2d\u306b\u7279\u5b9a\u3055\u308c\u305f\u611f\u67d3\u3057\u305f\u53ef\u80fd\u6027\u306e\u3042\u308b\u30c7\u30d0\u30a4\u30b9\u306b\u3064\u3044\u3066\u5730\u57df\u306eCERT\u306b\u901a\u77e5\u3057\u3066\u304b\u3089\u672c\u7a3f\u3092\u516c\u958b\u3057\u307e\u3057\u305f\u3002Grandstream\u30c7\u30d0\u30a4\u30b9\u306f\u30d3\u30b8\u30cd\u30b9\u5411\u3051IP\u96fb\u8a71\u30b7\u30b9\u30c6\u30e0\u3001Draytek Vigor\u30c7\u30d0\u30a4\u30b9\u306f\u30eb\u30fc\u30bf\u3067\u3059\u3002<\/p>\n<p>CVE-2020-8515\u3001CVE-2020-5722\u306f\u3068\u3082\u306b\u60aa\u7528\u304c\u304d\u308f\u3081\u3066\u5bb9\u6613\uff08trivial\uff09\u3067\u3001CVSS v3.1\u30b9\u30b3\u30a2\u306e\u8a55\u4fa1\u306f10\u6bb5\u968e\u30679.8\u306e\u300c\u7dca\u6025\u300d\u304c\u4ed8\u4e0e\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u306b\u6210\u529f\u3059\u308b\u3068\u3001\u653b\u6483\u8005\u306f\u8106\u5f31\u306a\u30c7\u30d0\u30a4\u30b9\u4e0a\u3067\u4efb\u610f\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002\u3053\u306e\u305f\u3081\u3001\u8105\u5a01\u653b\u6483\u8005\u30b0\u30eb\u30fc\u30d7\u304c\u3053\u3046\u3057\u305f\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u81ea\u8eab\u306e\u5175\u5668\u306e\u3072\u3068\u3064\u306b\u53d6\u308a\u5165\u308c\u3001\u30e2\u30ce\u306e\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\uff08IoT\uff09\u5206\u91ce\u3067\u306e\u5927\u6df7\u4e71\u3092\u5f15\u304d\u8d77\u3053\u3057\u3066\u3082\u4e0d\u601d\u8b70\u3067\u306f\u3042\u308a\u307e\u305b\u3093\u3002\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u88fd\u54c1\u3092\u3054\u5229\u7528\u4e2d\u306e\u304a\u5ba2\u69d8\u306f\u3053\u308c\u3089\u306b\u3088\u308b\u611f\u67d3\u304b\u3089\u4fdd\u8b77\u3055\u308c\u3066\u3044\u307e\u3059\u304c\u3001\u3067\u304d\u308b\u9650\u308a\u65e9\u304f\u66f4\u65b0\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u304c\u63a8\u5968\u3055\u308c\u307e\u3059\u3002<\/p>\n<p>\u79c1\u305f\u3061\u306f\u3001Gafgyt\/Bashlite\u30de\u30eb\u30a6\u30a7\u30a2 \u30d5\u30a1\u30df\u30ea\u306e\u30b3\u30fc\u30c9\u30d9\u30fc\u30b9\u3067\u30d3\u30eb\u30c9\u3055\u308c\u305f\u672c\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u3001\u30b3\u30de\u30f3\u30c9&amp;\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\uff08C2\uff09\u901a\u4fe1\u306b\u4f7f\u7528\u3059\u308bIRC\u30c1\u30e3\u30cd\u30eb\u540d\u306b\u3061\u306a\u307f\u3001\u672c\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u300cHoaxcalls\u300d\u3068\u540d\u4ed8\u3051\u307e\u3057\u305f\u3002\u3053\u306e\u30de\u30eb\u30a6\u30a7\u30a2\u306f\u53d7\u4fe1\u3057\u305fC2\u30b3\u30de\u30f3\u30c9\u306b\u57fa\u3065\u3044\u3066\u3055\u307e\u3056\u307e\u306aDDoS\u653b\u6483\u3092\u958b\u59cb\u53ef\u80fd\u3067\u3059\u3002Hoaxcalls\u306f\u9ad8\u5ea6\u306aDDoS\u6a5f\u80fd\u306b\u52a0\u3048\u3001\u524d\u8ff0\u306e\u300c\u7dca\u6025\u300d\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3092\u62e1\u5927\u3059\u308b\u3053\u3068\u3082\u3067\u304d\u307e\u3059\u3002<\/p>\n<h2>DDoS\u30dc\u30c3\u30c8Hoaxcalls<\/h2>\n<p>Hoaxcalls\u306fIRC\u7d4c\u7531\u3067C2\u30b5\u30fc\u30d0\u30fc\u3068\u901a\u4fe1\u3059\u308bDDoS\u30dc\u30c3\u30c8\u3067\u3001C2\u30aa\u30da\u30ec\u30fc\u30bf\u306e\u9078\u629e\u306b\u57fa\u3065\u3044\u3066\u5b9f\u884c\u3067\u304d\u308b\u3055\u307e\u3056\u307e\u306aDDoS\u653b\u6483\u6a5f\u80fd\u3092\u5099\u3048\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u30de\u30eb\u30a6\u30a7\u30a2\u306f\u3001\u9069\u5207\u306aC2\u30b3\u30de\u30f3\u30c9\u3092\u53d7\u4fe1\u3059\u308b\u3068\u3001\u8106\u5f31\u306a\u30c7\u30d0\u30a4\u30b9\u3092\u30b9\u30ad\u30e3\u30f3\u3057\u3001CVE-2020-8515\u3084CVE-2020-5722\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u4f7f\u7528\u3057\u3066\u611f\u67d3\u3055\u305b\u308b\u3053\u3068\u306b\u3088\u3063\u3066\u5e83\u304c\u308a\u307e\u3059\u3002<\/p>\n<p>Hoaxcalls\u306f\u5b9f\u884c\u3055\u308c\u308b\u3068\u30e1\u30c3\u30bb\u30fc\u30b8\u30c6\u30fc\u30d6\u30eb\u3092\u521d\u671f\u5316\u3057\u3001\u5bfe\u5fdc\u3059\u308b\u30a4\u30f3\u30c7\u30c3\u30af\u30b9\u306b\u57fa\u3065\u3044\u3066\u7279\u5b9a\u306e\u30e1\u30c3\u30bb\u30fc\u30b8\u3092XOR\u5fa9\u53f7\u3057\u3001\u30e1\u30c3\u30bb\u30fc\u30b8\u3092\u30d5\u30a7\u30c3\u30c1\u3057\u3066\u30b3\u30f3\u30bd\u30fc\u30eb\u306b\u51fa\u529b\u3057\u3001\u5fa9\u53f7\u3057\u305f\u30e1\u30c3\u30bb\u30fc\u30b8\u3092\u518d\u5ea6\u6697\u53f7\u5316\u3057\u307e\u3059\u3002\u6697\u53f7\u5316\u3057\u305f\u6587\u5b57\u5217\u306e\u30a4\u30f3\u30c7\u30c3\u30af\u30b9\u306f0x21\u3001\u5fa9\u53f7\u3057\u305f\u30e1\u30c3\u30bb\u30fc\u30b8\u306f\u300cHubnrand vbrxmr was here\u300d\u3067\u3059\u3002<\/p>\n<p>\u4f7f\u7528\u3055\u308c\u308b\u6697\u53f7\u5316\u30b9\u30ad\u30fc\u30e0\u306f\u3001\u307b\u3068\u3093\u3069\u306eMirai\u4e9c\u7a2e\u3067\u63a1\u7528\u3055\u308c\u3066\u3044\u308b\u6a19\u6e96\u7684\u306a\u30d0\u30a4\u30c8\u5358\u4f4d\u306eXOR\u3067\u3059\u304c\u30011\u3064\u3067\u306f\u306a\u304f5\u3064\u306e8\u30d3\u30c3\u30c8\u30c6\u30fc\u30d6\u30eb\u30ad\u30fc\u3092\u4f7f\u7528\u3059\u308b\u3068\u3053\u308d\u306f\u9055\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n<p style=\"padding-left: 40px;\"><span style=\"font-family: 'courier new', courier, monospace;\">0x1337C0D3<\/span><br \/>\n<span style=\"font-family: 'courier new', courier, monospace;\">0x0420A941<\/span><br \/>\n<span style=\"font-family: 'courier new', courier, monospace;\">0x4578BEAD<\/span><br \/>\n<span style=\"font-family: 'courier new', courier, monospace;\">0x0000A10E<\/span><br \/>\n<span style=\"font-family: 'courier new', courier, monospace;\">0x6531A466<\/span><\/p>\n<p>\u4e0a\u8a18\u306f\u4e8b\u5b9f\u4e0a\u3001\u6697\u53f7\u5316\u3055\u308c\u305f\u6587\u5b57\u5217\u306e\u5404\u30d0\u30a4\u30c8\u3092\u300c0xEC\u300d\u3068XOR\u3059\u308b\u306e\u3068\u540c\u7b49\u3067\u3059\u3002<a href=\"https:\/\/unit42.paloaltonetworks.com\/mirai-compiled-for-new-processor-surfaces\/\">\u4ee5\u524d\u306e\u5225\u306e\u4e9c\u7a2e<\/a>\u3067\u3082\u3053\u308c\u3068\u540c\u69d8\u306b\u8907\u6570\u306eXOR\u30ad\u30fc\u3092\u4f7f\u3046\u69d8\u5b50\u304c\u89b3\u6e2c\u3055\u308c\u3066\u3044\u307e\u3059 \u3002<\/p>\n<p>\u4ee5\u4e0b\u88681\u304c\u5fa9\u53f7\u3055\u308c\u305f\u6587\u5b57\u5217\u3068\u305d\u308c\u306b\u5bfe\u5fdc\u3059\u308b\u30a4\u30f3\u30c7\u30c3\u30af\u30b9\u306e\u5168\u30ea\u30b9\u30c8\u3067\u3059\u3002\u30a4\u30f3\u30c7\u30c3\u30af\u30b90x1\u306e\u5fa9\u53f7\u6587\u5b57\u5217\u306frand_alpha_str()\u3067\u4f7f\u7528\u3055\u308c\u3001\u30a4\u30f3\u30c7\u30c3\u30af\u30b90x2\u30010x3\u30010x4\u30010x5\u30010x6\u30010x7\u30010x8\u30010x9\u30010xa\u306e\u6587\u5b57\u5217\u306f\u30de\u30eb\u30a6\u30a7\u30a2\u304cwatchdog\u30d7\u30ed\u30bb\u30b9\u3092\u958b\u59cb\u3059\u308b\u3055\u3044\u306b\u4f7f\u7528\u3055\u308c\u307e\u3059\u3002<\/p>\n<table>\n<tbody>\n<tr>\n<td>\u30c6\u30fc\u30d6\u30eb \u30a4\u30f3\u30c7\u30c3\u30af\u30b9<\/td>\n<td>\u5fa9\u53f7\u5f8c\u306e\u6587\u5b57\u5217<\/td>\n<\/tr>\n<tr>\n<td>0x21<\/td>\n<td>hubnr and vbrxmr was here<\/td>\n<\/tr>\n<tr>\n<td>0x1<\/td>\n<td>afsadhgqegtx5425<\/td>\n<\/tr>\n<tr>\n<td>0x2<\/td>\n<td>\/dev\/watchdog<\/td>\n<\/tr>\n<tr>\n<td>0x3<\/td>\n<td>\/dev\/misc\/watchdog<\/td>\n<\/tr>\n<tr>\n<td>0x4<\/td>\n<td>\/sbin\/watchdog<\/td>\n<\/tr>\n<tr>\n<td>0x5<\/td>\n<td>\/bin\/watchdog<\/td>\n<\/tr>\n<tr>\n<td>0x6<\/td>\n<td>\/dev\/FTWDT101_watchdog<\/td>\n<\/tr>\n<tr>\n<td>0x7<\/td>\n<td>\/dev\/FTWDT101\/watchdog<\/td>\n<\/tr>\n<tr>\n<td>0x8<\/td>\n<td>\/dev\/watchdog0<\/td>\n<\/tr>\n<tr>\n<td>0x9<\/td>\n<td>\/etc\/default\/watchdog<\/td>\n<\/tr>\n<tr>\n<td>0xa<\/td>\n<td>\/etc\/watchdog<\/td>\n<\/tr>\n<tr>\n<td>0xd<\/td>\n<td>\/dev\/netslink\/<\/td>\n<\/tr>\n<tr>\n<td>0xe<\/td>\n<td>STD<\/td>\n<\/tr>\n<tr>\n<td>0xf<\/td>\n<td>\/usr\/bin\/python<\/td>\n<\/tr>\n<tr>\n<td>0x11<\/td>\n<td>\/status<\/td>\n<\/tr>\n<tr>\n<td>0x12<\/td>\n<td>\/proc\/<\/td>\n<\/tr>\n<tr>\n<td>0x13<\/td>\n<td>\/exe<\/td>\n<\/tr>\n<tr>\n<td>0x14<\/td>\n<td>\/fd<\/td>\n<\/tr>\n<tr>\n<td>0x15<\/td>\n<td>\/proc\/net\/tcp<\/td>\n<\/tr>\n<tr>\n<td>0x16<\/td>\n<td>\/maps<\/td>\n<\/tr>\n<tr>\n<td>0x17<\/td>\n<td>\/mnt\/<\/td>\n<\/tr>\n<tr>\n<td>0x18<\/td>\n<td>\/root\/<\/td>\n<\/tr>\n<tr>\n<td>0x19<\/td>\n<td>\/tmp\/<\/td>\n<\/tr>\n<tr>\n<td>0x1a<\/td>\n<td>\/var\/<\/td>\n<\/tr>\n<tr>\n<td>0x1b<\/td>\n<td>\/home\/<\/td>\n<\/tr>\n<tr>\n<td>0x1c<\/td>\n<td>UPX!<\/td>\n<\/tr>\n<tr>\n<td>0x1d<\/td>\n<td>PR_SET_NAME<\/td>\n<\/tr>\n<tr>\n<td>0x1e<\/td>\n<td>\/cmdline<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><em>\u88681 \u30c7\u30b3\u30fc\u30c9\u3055\u308c\u305f\u8cc7\u683c\u60c5\u5831\u3068\u30b3\u30de\u30f3\u30c9<\/em><\/p>\n<p>\u305d\u306e\u5f8c\u3001\u30dc\u30c3\u30c8\u306fC2\u30b5\u30fc\u30d0\u30fc178[.]32[.]148[.]5\u306bTCP\u30dd\u30fc\u30c81337\u306eIRC\u7d4c\u7531\u3067\u63a5\u7d9a\u3057\u307e\u3059\u3002C2\u306eIRC\u30c1\u30e3\u30cd\u30eb\u306f#hellroom\u3067\u3059\u3002nick\u3001ident\u3001user\u306f\u9577\u305513\u6587\u5b57\u306e\u6587\u5b57\u5217\u3067\u3001\u3064\u306d\u306b\u300cXTC|\u300d\u304b\u3089\u59cb\u307e\u308a\u3001\u5f8c\u308d\u306b\u9577\u30559\u6587\u5b57\u5206\u30e9\u30f3\u30c0\u30e0\u306a\u6587\u5b57\u5217\u304c\u7d9a\u304d\u307e\u3059\u3002\u6b21\u306e\u56f3\u306fIRC\u3092\u4ecb\u3057\u305f\u30dc\u30c3\u30c8\u3068C2\u30b5\u30fc\u30d0\u30fc\u3068\u306eC2\u901a\u4fe1\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_105844\" class=\"wp-caption alignnone\" aria-describedby=\"caption-attachment-105844\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-4.-Connect-to-its-C2-over-IRC.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-105844 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-4.-Connect-to-its-C2-over-IRC.png\" alt=\"Hoaxcalls\u304cC2\u306b\u63a5\u7d9a\" width=\"600\" height=\"243\" \/><\/a><figcaption id=\"caption-attachment-105844\" class=\"wp-caption-text\">\u56f31 IRC\u7d4c\u7531\u3067\u306eC2\u3078\u306e\u63a5\u7d9a<\/figcaption><\/figure>\n<p>C2\u30b5\u30fc\u30d0\u30fc\u304b\u3089\u53d7\u4fe1\u3057\u305f\u30b3\u30de\u30f3\u30c9\u306b\u57fa\u3065\u304dHoaxcalls\u306f\u3055\u307e\u3056\u307e\u306a\u30aa\u30da\u30ec\u30fc\u30b7\u30e7\u30f3\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002\u6b21\u306e\u8868\u306f\u3001\u30dc\u30c3\u30c8\u304c\u30b5\u30dd\u30fc\u30c8\u3059\u308b\u30b3\u30de\u30f3\u30c9\u3068Hoaxcalls\u304c\u63a1\u7528\u3059\u308bDDoS\u653b\u6483\u306e\u7a2e\u985e\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<table>\n<tbody>\n<tr>\n<td>\u30dc\u30c3\u30c8 \u30b3\u30de\u30f3\u30c9<\/td>\n<td>\u8aac\u660e<\/td>\n<\/tr>\n<tr>\n<td>352<\/td>\n<td>\u507d\u88c5IP\u30a2\u30c9\u30ec\u30b9\u306e\u8a2d\u5b9a<\/td>\n<\/tr>\n<tr>\n<td>376<\/td>\n<td>\u30cb\u30c3\u30af\u30cd\u30fc\u30e0\u3001\u30c1\u30e3\u30f3\u30cd\u30eb\u3001\u30ad\u30fc\u3092\u5831\u544a<\/td>\n<\/tr>\n<tr>\n<td>433<\/td>\n<td>\u65b0\u3057\u3044\u30e9\u30f3\u30c0\u30e0\u306a\u6587\u5b57\u5217\u3067\u30cb\u30c3\u30af\u30cd\u30fc\u30e0\u3092\u30ea\u30bb\u30c3\u30c8<\/td>\n<\/tr>\n<tr>\n<td>422<\/td>\n<td>\u30b3\u30de\u30f3\u30c9376\u3068\u540c\u3058<\/td>\n<\/tr>\n<tr>\n<td>PRIVMSG<\/td>\n<td>\u30d5\u30e9\u30c3\u30c0 \u30b3\u30de\u30f3\u30c9\u3092\u51e6\u7406<\/td>\n<\/tr>\n<tr>\n<td>PING<\/td>\n<td>PONG\u30e1\u30c3\u30bb\u30fc\u30b8\u3067\u5fdc\u7b54<\/td>\n<\/tr>\n<tr>\n<td>NICK<\/td>\n<td>\u6307\u5b9a\u3057\u305f\u5024\u306e\u30cb\u30c3\u30af\u30cd\u30fc\u30e0\u3092\u5272\u308a\u5f53\u3066<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><em>\u88682 \u30dc\u30c3\u30c8\u304c\u30b5\u30dd\u30fc\u30c8\u3059\u308b\u30b3\u30de\u30f3\u30c9<\/em><\/p>\n<table>\n<tbody>\n<tr>\n<td>\u30d5\u30e9\u30c3\u30c0 \u30b3\u30de\u30f3\u30c9<\/td>\n<td>\u8aac\u660e<\/td>\n<\/tr>\n<tr>\n<td>UDP<\/td>\n<td>\u6307\u5b9a\u3055\u308c\u305f\u30bf\u30fc\u30b2\u30c3\u30c8\u3078\u306eUDP\u30d5\u30e9\u30c3\u30c9\u3092\u958b\u59cb<\/td>\n<\/tr>\n<tr>\n<td>HEX<\/td>\n<td>\u6307\u5b9a\u3055\u308c\u305f\u30bf\u30fc\u30b2\u30c3\u30c8\u3078\u306eHEX\u30d5\u30e9\u30c3\u30c9\u3092\u958b\u59cb<\/td>\n<\/tr>\n<tr>\n<td>DNS<\/td>\n<td>\u6307\u5b9a\u3055\u308c\u305f\u30bf\u30fc\u30b2\u30c3\u30c8\u3078\u306eDNS\u30d5\u30e9\u30c3\u30c9\u3092\u958b\u59cb<\/td>\n<\/tr>\n<tr>\n<td>DRAYTEK<\/td>\n<td>CVE-2020-8515\u3092\u5229\u7528\u3057\u4ed6\u306eDraytek\u30c7\u30d0\u30a4\u30b9\u3092\u30b9\u30ad\u30e3\u30f3\u3057\u3066\u611f\u67d3<\/td>\n<\/tr>\n<tr>\n<td>UCM<\/td>\n<td>CVE-2020-5722\u3092\u5229\u7528\u3057\u4ed6\u306eGrandstream UCM\u30c7\u30d0\u30a4\u30b9\u3092\u30b9\u30ad\u30e3\u30f3\u3057\u3066\u611f\u67d3<\/td>\n<\/tr>\n<tr>\n<td>HELP<\/td>\n<td>\u30b3\u30de\u30f3\u30c9\u4f7f\u7528\u65b9\u6cd5\u3092\u8868\u793a<\/td>\n<\/tr>\n<tr>\n<td>RULES<\/td>\n<td>\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u4f7f\u7528\u30eb\u30fc\u30eb\u3092\u8868\u793a<\/td>\n<\/tr>\n<tr>\n<td>INFO<\/td>\n<td>\u30dc\u30c3\u30c8\u306b\u95a2\u3059\u308b\u7c21\u5358\u306a\u7d39\u4ecb\u3092\u8868\u793a<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><em>\u88683 \u30d5\u30e9\u30c3\u30c0 \u30b3\u30de\u30f3\u30c9<\/em><\/p>\n<p>\u6b21\u306e\u56f32\u304a\u3088\u30733\u306f\u3001\u30dc\u30c3\u30c8\u304c\u6f5c\u5728\u7684\u306b\u8106\u5f31\u306a\u88ab\u5bb3\u8005\u3092\u30b9\u30ad\u30e3\u30f3\u3057\u3066\u611f\u67d3\u3092\u5e83\u3052\u308b\u3055\u3044\u306b\u4f7f\u3046\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u30b3\u30fc\u30c9\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_105846\" class=\"wp-caption aligncenter\" aria-describedby=\"caption-attachment-105846\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-5.-CVE-2020-8515-exploit-in-hoaxcalls-group-1.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-105846 size-full lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-5.-CVE-2020-8515-exploit-in-hoaxcalls-group-1.png\" alt=\"Hoaxcalls\u306e\u30b5\u30f3\u30d7\u30eb \u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\" width=\"848\" height=\"332\" \/><\/a><figcaption id=\"caption-attachment-105846\" class=\"wp-caption-text\">\u56f32 \u30b0\u30eb\u30fc\u30d71\u306eHoaxcalls\u306eCVE-2020-8515\u306e\u60aa\u7528<\/figcaption><\/figure>\n<figure id=\"attachment_105825\" class=\"wp-caption aligncenter\" aria-describedby=\"caption-attachment-105825\"><img  class=\"wp-image-105825 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/word-image-20.png\" alt=\"\" width=\"826\" height=\"286\" \/><figcaption id=\"caption-attachment-105825\" class=\"wp-caption-text\">\u56f33 \u30b0\u30eb\u30fc\u30d71\u306eHoaxcalls\u306eCVE-2020-5722\u306e\u60aa\u7528<\/figcaption><\/figure>\n<p>\u4e0a\u8a18\u306e\u30d5\u30e9\u30c3\u30c0 \u30b3\u30de\u30f3\u30c9\u306f\u30b0\u30eb\u30fc\u30d71\u306b\u5c5e\u3059\u308bHoaxcalls\u30b5\u30f3\u30d7\u30eb\u304b\u3089\u306e\u3082\u306e\u3067\u3059\u304c\u3001\u3044\u304f\u3064\u304b\u306e\u70b9\u3067\u82e5\u5e72\u7570\u306a\u3063\u3066\u3044\u308b\u4ee5\u5916\u306b\u6a5f\u80fd\u9762\u3067\u306f\u307b\u307c\u540c\u7b49\u306e\u4e9c\u7a2e\u30b0\u30eb\u30fc\u30d7\u304c\u307b\u304b\u306b\u3082\u898b\u3064\u304b\u308a\u307e\u3057\u305f\u3002\u305f\u3068\u3048\u3070\u30b0\u30eb\u30fc\u30d71\u306eHoaxcalls\u30b5\u30f3\u30d7\u30eb\u3067\u306f\u3001C2\u30d5\u30e9\u30c3\u30c0 \u30b3\u30de\u30f3\u30c9\u30bb\u30c3\u30c8\u306e\u4e00\u90e8\u3068\u3057\u3066Draytek\u304a\u3088\u3073UCM\u306e\u30b9\u30ad\u30e3\u30f3\u6a5f\u80fd\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u304c\u3001\u30b0\u30eb\u30fc\u30d72\u3001\u30b0\u30eb\u30fc\u30d73\u306e\u30b5\u30f3\u30d7\u30eb\u306e\u5834\u5408\u3001\u611f\u67d3\u62e1\u5927\u306e\u6a5f\u80fd\u304c\u30d5\u30e9\u30c3\u30c0 \u30b3\u30de\u30f3\u30c9\u304b\u3089\u79fb\u52d5\u3057\u3066\u3001\u5b9f\u884c\u6642\u306b\u8106\u5f31\u306aUCM\u30c7\u30d0\u30a4\u30b9\u3068Draytek\u30c7\u30d0\u30a4\u30b9\u3078\u306e\u611f\u67d3\u3092\u958b\u59cb\u3057\u307e\u3059\u3002\u611f\u67d3\u30d5\u30a7\u30fc\u30ba\u3067\u9001\u4fe1\u3055\u308c\u308b\u60aa\u610f\u306e\u3042\u308b\u30ea\u30af\u30a8\u30b9\u30c8\u3082\u82e5\u5e72\u7570\u306a\u308a\u307e\u3059\u3002\u4ee5\u4e0b\u306e\u56f3\u306f\u3055\u307e\u3056\u307e\u306a\u30b0\u30eb\u30fc\u30d7\u306b\u5c5e\u3059\u308b\u30b5\u30f3\u30d7\u30eb\u9593\u306e\u9055\u3044\u3092\u793a\u3057\u305f\u3082\u306e\u3067\u3059\u3002<\/p>\n<figure id=\"attachment_105827\" class=\"wp-caption aligncenter\" aria-describedby=\"caption-attachment-105827\"><img  class=\"wp-image-105827 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/word-image-21.png\" alt=\"\" width=\"830\" height=\"284\" \/><figcaption id=\"caption-attachment-105827\" class=\"wp-caption-text\">\u56f34 \u30b0\u30eb\u30fc\u30d72\u306eHoaxcalls\u306eCVE-2020-8515\u306e\u60aa\u7528<\/figcaption><\/figure>\n<figure id=\"attachment_105829\" class=\"wp-caption aligncenter\" aria-describedby=\"caption-attachment-105829\"><img  class=\"wp-image-105829 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/word-image-22.png\" alt=\"\" width=\"854\" height=\"286\" \/><figcaption id=\"caption-attachment-105829\" class=\"wp-caption-text\">\u56f35 \u30b0\u30eb\u30fc\u30d72\u306eHoaxcalls\u306eCVE-2020-5722\u306e\u60aa\u7528<\/figcaption><\/figure>\n<figure id=\"attachment_105851\" class=\"wp-caption aligncenter\" aria-describedby=\"caption-attachment-105851\"><img  class=\"size-full wp-image-105851 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-9.-CVE-2020-8515-exploit-in-hoaxcalls-group-3-1.png\" alt=\"\" width=\"844\" height=\"336\" \/><figcaption id=\"caption-attachment-105851\" class=\"wp-caption-text\">\u56f36 \u30b0\u30eb\u30fc\u30d73\u306eHoaxcalls\u306eCVE-2020-8515\u306e\u60aa\u7528<\/figcaption><\/figure>\n<figure id=\"attachment_105833\" class=\"wp-caption alignnone\" aria-describedby=\"caption-attachment-105833\"><img  class=\"wp-image-105833 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/word-image-24.png\" alt=\"\" width=\"832\" height=\"286\" \/><figcaption id=\"caption-attachment-105833\" class=\"wp-caption-text\">\u56f37 \u30b0\u30eb\u30fc\u30d7\u306eHoaxcalls\u306eCVE-2020-57232\u306e\u60aa\u7528<\/figcaption><\/figure>\n<figure id=\"attachment_105854\" aria-describedby=\"caption-attachment-105854\" style=\"width: 600px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-11.-Comparison-of-samples\u2019-main.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-105854 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-11.-Comparison-of-samples\u2019-main.png\" alt=\"\" width=\"600\" height=\"320\" \/><\/a><figcaption id=\"caption-attachment-105854\" class=\"wp-caption-text\">\u56f38 \u30b5\u30f3\u30d7\u30eb\u3069\u3046\u3057\u306emain()\u306e\u6bd4\u8f03<\/figcaption><\/figure>\n<h2>\u8106\u5f31\u6027\u306e\u5206\u6790<\/h2>\n<h5>CVE-2020-8155<\/h5>\n<p>\u5b9f\u884c\u53ef\u80fd\u30d5\u30a1\u30a4\u30eb\/www\/cgi-bin\/mainfunction.cgi\u306f\u3001\u8a8d\u8a3c\u51e6\u7406\u4e2d\u3001keyPath\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u9069\u5207\u306b\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3057\u3066\u3044\u307e\u305b\u3093\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u60aa\u7528\u53ef\u80fd\u306a\u30b3\u30de\u30f3\u30c9 \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u304c\u767a\u751f\u3057\u307e\u3059\u3002\u653b\u6483\u8005\u304c\u30da\u30a4\u30ed\u30fc\u30c9\u306b\u300c\uff0527\uff050A\u300d\u306a\u3069\u306e\u7279\u6b8a\u6587\u5b57\u5217\u3092\u30d7\u30ea\u30da\u30f3\u30c9\u3059\u308b\u3053\u3068\u306b\u3088\u308a\u3001\u30c1\u30a7\u30c3\u30af\u3092\u30d0\u30a4\u30d1\u30b9\u3057\u3066\u8a8d\u8a3c\u51e6\u7406\u524d\u306e\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u304c\u53ef\u80fd\u306b\u306a\u308a\u307e\u3059\u3002\u672c\u8106\u5f31\u6027\u306f\u6628\u5e7412\u6708\u4ee5\u964d\u5b9f\u969b\u306e\u60aa\u7528\u304c<a href=\"https:\/\/blog.netlab.360.com\/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en\/\">\u89b3\u5bdf\u3055\u308c\u3066\u3044\u307e\u3059<\/a>\u3002<\/p>\n<h5>CVE-2020-5722<\/h5>\n<p>\u30b7\u30b9\u30c6\u30e0\u304c\u300cuser_name\u300d\u30d1\u30e9\u30e1\u30fc\u30bf\u3092\u9069\u5207\u306b\u691c\u8a3c\u3057\u3066\u304a\u3089\u305a\u300cForgot Password\u300d(\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5fd8\u308c\u305f)\u6a5f\u80fd\u304c\u30d0\u30c3\u30af\u30a8\u30f3\u30c9\u306eSQLite\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u306b\u30af\u30a8\u30ea\u3092\u9001\u4fe1\u3057\u3066popen()\u7d4c\u7531\u3067sendMail.py\u3092\u8d77\u52d5\u3059\u308b\u3055\u3044\u306b\u7d50\u679c\u3068\u3057\u3066SQL\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8106\u5f31\u6027\u304c\u767a\u751f\u3057\u307e\u3059\u3002\u653b\u6483\u8005\u304cadmin\u306a\u3069\u306e\u30c7\u30d5\u30a9\u30eb\u30c8 \u30e6\u30fc\u30b6\u30fc\u540d\u306e\u5f8c\u308d\u306b\u7279\u5b9a\u306eSQL\u6587\u5b57\u5217\u3068\u30b7\u30a7\u30eb\u30e1\u30bf\u6587\u5b57\u300c' OR 1=1--;\u300d\u3092\u7d9a\u3051\u308b\u3053\u3068\u3067\u3001\u3053\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u305f\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u304c\u6210\u529f\u3057\u307e\u3059\u3002\u3053\u3061\u3089\u306e<a href=\"https:\/\/www.tenable.com\/security\/research\/tra-2020-15\">\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea<\/a>\u306b\u3088\u308c\u3070\u3001\u672c\u8106\u5f31\u6027\u306fHTML\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u7d4c\u7531\u3067\u3082\u60aa\u7528\u53ef\u80fd\u306a\u3088\u3046\u3067\u3059\u30021\u3064\u76ee\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u65b9\u6cd5\u306f\u73fe\u6642\u70b9\u3067\u5b9f\u969b\u306e\u653b\u6483\u3078\u306e\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<h2>\u5b9f\u969b\u306b\u884c\u308f\u308c\u3066\u3044\u308b\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/h2>\n<p>\u5f0a\u793e\u306e\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306f\u30012020\u5e743\u670831\u65e513:51 (UTC)\u3001\u65e5\u672c\u6642\u9593\u3067\u540c\u65e522:51\u306bCVE-2020-8155\u3092\u60aa\u7528\u3059\u308b\u6700\u521d\u306e\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u3092\u691c\u51fa\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u653b\u6483\u306b\u304f\u308f\u3048\u3001\u30dc\u30c3\u30c8\u304cCVE-2020-5722\u3092\u60aa\u7528\u3057\u3066\u611f\u67d3\u3092\u5e83\u3052\u3088\u3046\u3068\u3057\u305f\u3053\u3068\u3082\u540c\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u304c\u691c\u51fa\u3057\u307e\u3057\u305f\u3002CVE-2020-8155\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u3053\u306e\u653b\u6483\u8005\u306f\u30b7\u30a7\u30eb\u30b9\u30af\u30ea\u30d7\u30c8\u3092tmp\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u305f\u3042\u3068\u3001\u305d\u308c\u3092\u5b9f\u884c\u3057\u3088\u3046\u3068\u3057\u3066\u3044\u307e\u3057\u305f\uff08\u56f39\u53c2\u7167\uff09\u3002CVE-2020-5722\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u306f\u3001\u30da\u30a4\u30ed\u30fc\u30c9\u306farm7\u30d0\u30a4\u30ca\u30ea\u306e\u307f\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u5b9f\u884c\u3057\u3066\u3044\u307e\u3057\u305f\uff08\u56f310\u53c2\u7167\uff09\u3002<\/p>\n<figure id=\"attachment_105839\" class=\"wp-caption aligncenter\" aria-describedby=\"caption-attachment-105839\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-1.-CVE-2020-8155-exploit-spotted-in-the-wild.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-105839 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-1.-CVE-2020-8155-exploit-spotted-in-the-wild.png\" alt=\"\u56f31 \u5b9f\u969b\u306b\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308bCVE-2020-8155\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\" width=\"600\" height=\"127\" \/><\/a><figcaption id=\"caption-attachment-105839\" class=\"wp-caption-text\">\u56f39 \u5b9f\u969b\u306b\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u305fCVE-2020-8155\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<figure id=\"attachment_105842\" class=\"wp-caption aligncenter\" aria-describedby=\"caption-attachment-105842\"><a href=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-2.-CVE-2020-5722-exploit-spotted-in-the-wild.png\" rel=\"wpdevart_lightbox\"><img  class=\"wp-image-105842 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/Figure-2.-CVE-2020-5722-exploit-spotted-in-the-wild.png\" alt=\"\" width=\"600\" height=\"65\" \/><\/a><figcaption id=\"caption-attachment-105842\" class=\"wp-caption-text\">\u56f310 \u5b9f\u969b\u306b\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u305fCVE-2020-5722\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8<\/figcaption><\/figure>\n<p>\u4ee5\u4e0b\u306e\u56f3\u306f\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u305f\u30b7\u30a7\u30eb\u30b9\u30af\u30ea\u30d7\u30c8sh\u306e\u5185\u5bb9\u3067\u3059\u3002\u5b9f\u884c\u3055\u308c\u305fsh\u30b9\u30af\u30ea\u30d7\u30c8\u306f\u3001\u3055\u307e\u3056\u307e\u306a\u30a2\u30fc\u30ad\u30c6\u30af\u30c1\u30e3\u306eDDoS\u30dc\u30c3\u30c8\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u305d\u306e\u30d0\u30a4\u30ca\u30ea\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002\u767a\u898b\u6642\u70b9\u3067VirusTotal\u306b\u63d0\u4f9b\u3055\u308c\u3066\u3044\u305f\u30de\u30eb\u30a6\u30a7\u30a2\u306f\u3042\u308a\u307e\u305b\u3093\u3067\u3057\u305f\u304c\u3001\u305d\u306e\u591a\u304f\u306f\u307b\u3069\u306a\u304f\u540c\u30b5\u30a4\u30c8\u306b\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3055\u308c\u307e\u3057\u305f\u3002\u672c\u7a3f\u57f7\u7b46\u6642\u70b9\u3067\u3082\u691c\u51fa\u3055\u308c\u308b\u653b\u6483\u30c8\u30e9\u30d5\u30a3\u30c3\u30af\u6570\u304c\u975e\u5e38\u306b\u5897\u3048\u3066\u3044\u308b\u3053\u3068\u304b\u3089\u3001\u3059\u3067\u306b\u591a\u304f\u306e\u30c7\u30d0\u30a4\u30b9\u304c\u611f\u67d3\u3057\u3066\u3044\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<figure id=\"attachment_105819\" class=\"wp-caption aligncenter\" aria-describedby=\"caption-attachment-105819\"><img  class=\"wp-image-105819 lozad\"  data-src=\"https:\/\/unit42-preview.paloaltonetworks.com\/wp-content\/uploads\/2020\/04\/word-image-17.png\" alt=\"\u30dc\u30c3\u30c8\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u958b\u59cb\u3059\u308bHoaxcalls\u306e\u30b5\u30f3\u30d7\u30eb\" width=\"600\" height=\"309\" \/><figcaption id=\"caption-attachment-105819\" class=\"wp-caption-text\">\u56f311 \u30dc\u30c3\u30c8\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u8d77\u52d5\u3059\u308b\u30b7\u30a7\u30eb\u30b9\u30af\u30ea\u30d7\u30c8<\/figcaption><\/figure>\n<h2>\u7d50\u8ad6 \/ \u7de9\u548c\u7b56<\/h2>\n<p>Hoaxcalls\u306f\u65b0\u3057\u3044DDOS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u3067\u3001\u30b0\u30ed\u30fc\u30d0\u30eb\u3067\u5bfe\u8c61\u3068\u306a\u308b\u53f0\u6570\u306e\u591a\u30442\u3064\u306e\u8106\u5f31\u6027\u3092\u6d3b\u767a\u306b\u60aa\u7528\u3057\u3066\u3044\u307e\u3059\u3002\u4ed6\u306e<a href=\"https:\/\/blog.netlab.360.com\/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en\/\">\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u7814\u7a76\u6a5f\u95a2<\/a>\u306e\u5831\u544a\u306b\u3088\u308c\u3070\u3001\u540c\u3058\u8106\u5f31\u6027\u304c\u5f8c\u306b\u7d9a\u304f\u653b\u6483\u3067\u3082\u7a4d\u6975\u7684\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u308b\u3088\u3046\u3067\u3059\u3002\u6b8b\u5ff5\u306a\u304c\u3089\u3053\u308c\u3089\u306f\u60aa\u7528\u304c\u304d\u308f\u3081\u3066\u5bb9\u6613\u306a\u306e\u3067\u3001\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306b\u3064\u306a\u304c\u308a\u307e\u3059\u3002\u3067\u3059\u304b\u3089\u3067\u304d\u308b\u3060\u3051\u65e9\u304f\u30d1\u30c3\u30c1\u3092\u9069\u7528\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002<\/p>\n<p>\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u88fd\u54c1\u3092\u3054\u5229\u7528\u4e2d\u306e\u304a\u5ba2\u69d8\u306f\u3001\u6b21\u306e\u88fd\u54c1\u3068\u30b5\u30fc\u30d3\u30b9\u306b\u3088\u3063\u3066\u3053\u308c\u3089\u306e\u8106\u5f31\u6027\u304b\u3089\u4fdd\u8b77\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n<ul>\n<li>\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u9075\u5b88\u3068Threat Prevention\u30e9\u30a4\u30bb\u30f3\u30b9\u3092\u6709\u52b9\u306b\u3057\u305f\u6b21\u4e16\u4ee3\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u306e\u8105\u5a01\u9632\u6b62\u30b7\u30b0\u30cd\u30c1\u30e357897\u00a0\u304a\u3088\u3073\u00a057892\u306b\u3088\u308a\u653b\u6483\u306f\u30d6\u30ed\u30c3\u30af\u3055\u308c\u307e\u3059\u3002<\/li>\n<li>WildFire\u306f\u9759\u7684\u30b7\u30b0\u30cd\u30c1\u30e3\u691c\u51fa\u306b\u3088\u308a\u540c\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u963b\u6b62\u3057\u307e\u3059\u3002<\/li>\n<li>PAN-DB\u304c\u653b\u6483\u8005\u306e\u30de\u30eb\u30a6\u30a7\u30a2\u306e\u30c9\u30e1\u30a4\u30f3\u3092\u906e\u65ad\u3057\u307e\u3059\u3002<\/li>\n<\/ul>\n<h3>IoC<\/h3>\n<h4>\u30d5\u30a1\u30a4\u30eb\uff08Sha256\u5024\uff09<\/h4>\n<h5>\u30b0\u30eb\u30fc\u30d71:<\/h5>\n<ul>\n<li>762ba1a2f7d62b8fc206ffb1bf39e89db651a1abb584402f9939d91a5b7899d3 arm4<\/li>\n<li>ae447f9cad4f4909c576c577a94aa3d38be7b9636c9b7fb04a181caca42ea92b arm5<\/li>\n<li>8777e47ab84fb681379b2253735aa1490d69e94201d57f06334c9ddfb1063637 arm6<\/li>\n<li>695a0b2ef0d46027d2f106c060dade52b34e3bb7342a8eae906c7d2b15a99fc3 arm7<\/li>\n<li>53aaee7d0de64b71ea0c61ec62b4fb509850f915b574b2560e98692057d32a1c i486<\/li>\n<li>df5ba0630a0fe701afccc129be7e9612cb4016dcc70273b748dad66dc152b6e9 i586<\/li>\n<li>e2dc3e0956a818fb22a77c50d9cfe91b7639c727db8a6838efd368ba277664b1 i686<\/li>\n<li>f4cf6a033aac287ff0b5171ce6f64836691b822f76705b04445f52f643da8c10 m68k<\/li>\n<li>72492605815c59579170adef1519231a5e3f17ada26428d20bd7948041c812a3 mips<\/li>\n<li>9a62763da3dc8c1de87b50271a7b446e753016f72f5631e1c6eb17ff5425e7ab mips64<\/li>\n<li>b7b94fac1067217914d99f2d98b34c310a6c53eb36d3a430eea5df8217c4d1f8 mpsl<\/li>\n<li>41ef0133acaca395ea957e796dc1b939b9825b1414541c616b8ca8bdfadb8d16 ppc<\/li>\n<li>c3ea39b0cc786dcda73821f60b42d84c9557e9e590d7f3b4a328eb7a6e6559f4 ppc440<\/li>\n<li>19270639537a2241861eae2bbf4b4095fc6e1915e4dee476d2e4f277992733fd sh<\/li>\n<li>82bb86e2041f4e37187ceb93bcbc48bd8311274ef33a166c6a8e0e9ffe33b585 sh4<\/li>\n<li>b32dcd47377b781c17a6ae7c88d4e1a4294d539ba8f452d980b78a9611d1cb6f spc<\/li>\n<li>aa69b3ac7b55fff5dde4491e4153954b31c36d528fdb390495b9bd7bc1a0c77b x86<\/li>\n<\/ul>\n<h5>\u30b0\u30eb\u30fc\u30d72:<\/h5>\n<ul>\n<li>f31c7e7be06d8d6ec13337c76ca86b3692b3f5d7632e20b725d3542b3e316e62 arm4<\/li>\n<li>e31d945930048f0c06a84942212e5a14b75cee7538fbf0c9c0e1759546c7f6b9 arm5<\/li>\n<li>ded7ce9588d47885fc6a9a360e1d3561478d4be71d0971aaf76995621eb94db3 arm6<\/li>\n<li>0820eba0c16325b9cd24c54d6655f6d9aeb2e28b4fc82d6da598b71139aceb5e arm7<\/li>\n<li>df4e8168357559280db011eaf88088a8493b6e20df4ace06069b93c6d28af3ee i486<\/li>\n<li>931b1e85e19b138a4a3bf3890749b8884a5ff4a6b34c1df3b9083d7f304e5694 i586<\/li>\n<li>06d019d1266bb345fc85df991b419474026d3e21a8b8a1328bad77fbfeb8cb00 m68k<\/li>\n<li>6be47cf2f418d9729cdb1eb03885ab14e07a5955e63b06062fec97b567f959de mips<\/li>\n<li>3c66db7df3f84633dbe6ed7b84911d7202c53968b88861f2463a152c839e89bf mips64<\/li>\n<li>8a77f9843174a53a5909554589177ce7e32d6a36a6c6ef868e4c118f98069641 mpsl<\/li>\n<li>7a5d8752049afdc8060d6a27407dcddfd9d7642c14600f586767c67afe0ef64b ppc<\/li>\n<li>c0df164ac0af7cca5cb02e66d181bc80ed9d58cec038b82ed170ebb75b78645f ppc440<\/li>\n<li>72d6846b9e004662cd7f2d10fdc66d02ca9b5eb545582529a935f6ff5cd2a9e7 sh4<\/li>\n<li>02eb5d0d8ddbd68ff459b3bb388484b841ac23cb9604b9a9e503f9dcf9c49186 spc<\/li>\n<li>27fc18936f445fc0d2ede1d6fb301594d352d86268b4b1590dad535c7051c5ef x86<\/li>\n<\/ul>\n<h5>\u30b0\u30eb\u30fc\u30d73:<\/h5>\n<ul>\n<li>f62819deb8fe2a96fa34137f6eb1d5e2e0a8e52594f9a51e78f4a2c13f5a7b96 arm4<\/li>\n<li>c0a958ea24c585d1bc99b562835e95f7d2c4a57674085df668dbbf7baa2b9fe8 arm5<\/li>\n<li>b6619dbeb420f4ee824115987c116540604356b115641d1f3c740846689b6a7b arm6<\/li>\n<li>65100dbe19870b6be1b398c6185b25d3a502dfb2b5166ba0d1a938b607ea1880 arm7<\/li>\n<li>527bd14dfec20820e84c64b0f0924ae1272d9d3920b38c998a131a21e53a5789 i486<\/li>\n<li>a27c04ce5769953e860ed473641c1a562293d01b75230bbcb803d66df4512daf i586<\/li>\n<li>3ffc07cb1c7c08a5b43e4acfefbab9cb45df88bc9bd8dc2bcb489d350e18c8a1 i686<\/li>\n<li>59f71ff3d2df1f8c3f12e2844b78545de1fdfdabc1d80a7221ad75b24af986e2 m68k<\/li>\n<li>9fe8885439dec03cc0056324b5e2910d363ea139e7167bc9257c2cf7a9e1ba33 mips<\/li>\n<li>0a210410ef5f5cb85b2aa0e0530cb7763f354850f25cd9763b1154126f92c699 mips64<\/li>\n<li>ef7b2e41bf4cbb4d99ca37f028ccae3f47a2b8e21b6fd46f15fe34d3bcf1395a mpsl<\/li>\n<li>20d1e4ee888c2af8ee9b169f6c32290f3c378aa616519e374c7b15b6f7e4e3cf ppc<\/li>\n<li>eb225d38828ae996463586554ddc2d30507e9e472667ae92a61ccb13c39a42f4 ppc440<\/li>\n<li>73bbf4b38904cc17b5267064dda940a080965aa55a1a9d93dd36d21720ea91dc sh<\/li>\n<li>388acd6a1a2ce446247f88b2370fda71092bbc28f7af3cbd759d6f97b9ab26fd sh4<\/li>\n<li>5dbf6618d2d5e54d209f2befd4873c1c361893e822ca614cca9bad18aca75e01 spc<\/li>\n<li>54df5531d1fdd8bb4f1d499ccbe055506a840860fcc08bf4d31bcc8a02296113 x86<\/li>\n<\/ul>\n<h5>\u3053\u308c\u3089\u3068\u540c\u30582\u7a2e\u985e\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3092\u4f7f\u3046\u307b\u304b\u306e\u30b5\u30f3\u30d7\u30eb:<\/h5>\n<ul>\n<li>02eb5d0d8ddbd68ff459b3bb388484b841ac23cb9604b9a9e503f9dcf9c49186<\/li>\n<li>06d019d1266bb345fc85df991b419474026d3e21a8b8a1328bad77fbfeb8cb00<\/li>\n<li>07b71cd9093e22fd89e2e0ce9c4a67f93675bb227724b4f7542ab66c67097d45<\/li>\n<li>0820eba0c16325b9cd24c54d6655f6d9aeb2e28b4fc82d6da598b71139aceb5e<\/li>\n<li>0a1951d5488b70e5f9c504c8134adfff5cbd52c5bee87b41a69ba46c978751aa<\/li>\n<li>0de057cd8075a7a95dc7ce18632c2a342d69fa26700c52ccc256dc0bf37198c7<\/li>\n<li>0deb223ebb948619f0f6de334c2f7e0390547e0f905d54556c29605b3d6b8a26<\/li>\n<li>19409cb3169c3bfad4e65a1c4d18df855c87eff63683bd2b93aa36dee746cef8<\/li>\n<li>256db410dcc76f2ada308a20a6cfa489a26a5b7aac44ed122d12ac66c8070c7f<\/li>\n<li>27fc18936f445fc0d2ede1d6fb301594d352d86268b4b1590dad535c7051c5ef<\/li>\n<li>293d534fca05c2383849d50eb77a4e61c0b30b91f02dc9dd89fb7bf826eb83e5<\/li>\n<li>2cac4daa388fbacc05ae0f99e9c146c18e70e89ab95b6ae649abddca9f801267<\/li>\n<li>302af2e17c4ecdc468ab59b8f86d5b3adb824406685027d297f63bd7a7c80685<\/li>\n<li>323fb07dfd54a485665468d97a94dcdbdb4c469c5a1a7af9e15f83a7d667f4ea<\/li>\n<li>34322b2641c5dba9e044d3acd855da3943fc456dc9be05cc402f1ab730d97321<\/li>\n<li>3a2138786d012af66ac49e4ae3de97efb852006ecdd356da40a5c98d1cfbd872<\/li>\n<li>3b9d527d7e67465d78b14e4a628e68903de01127e7409afce61d4ca7ba0dfbbf<\/li>\n<li>3c66db7df3f84633dbe6ed7b84911d7202c53968b88861f2463a152c839e89bf<\/li>\n<li>3d96d12f434173e0c5691f26c980b1157dd84f77df98de61f2f214fbb34c0a84<\/li>\n<li>41ef0133acaca395ea957e796dc1b939b9825b1414541c616b8ca8bdfadb8d16<\/li>\n<li>41f98a985173d4f92f97f7b6d679b3078b0288caafcbf3033209b9e08aacd721<\/li>\n<li>488821f7809673e380e50a8eec24db5bb00b4cfe9176ec85bdf8b17eca13ebcf<\/li>\n<li>48a595e19720dcd6a57aa8647422a21a4680a3642e4bee8975a5f17da71b6994<\/li>\n<li>49344ceb14a65041a09530d5d21498c0efb7c52acb8b0f06b6983922e4edfe41<\/li>\n<li>50cff66f9e2a20f78d7e76c8db316c6e9bd09c019f80ac91c9e3016d26abfeb4<\/li>\n<li>51138ebb4e773e822ceace1b571d4a72269ada92d6ddec8639ba1d558ffa7d35<\/li>\n<li>523cfd05d0b10607bccf1a76bc9dc208a267be18dc274653a2300fb73d805e3b<\/li>\n<li>53aaee7d0de64b71ea0c61ec62b4fb509850f915b574b2560e98692057d32a1c<\/li>\n<li>5d9e24cdd842e6f8439c86b533c842ab41c4ddb6909301b52cda9430f7bb86a7<\/li>\n<li>6330b698bca0fcfbf2883c597454dcec7ade3a5bf6d25f5770e4f37100e17bde<\/li>\n<li>66e65a7273221bed3a7bd34d01ba87182e4940cf8d61ce6a440cfb4a88496855<\/li>\n<li>695a0b2ef0d46027d2f106c060dade52b34e3bb7342a8eae906c7d2b15a99fc3<\/li>\n<li>6be47cf2f418d9729cdb1eb03885ab14e07a5955e63b06062fec97b567f959de<\/li>\n<li>72492605815c59579170adef1519231a5e3f17ada26428d20bd7948041c812a3<\/li>\n<li>72d6846b9e004662cd7f2d10fdc66d02ca9b5eb545582529a935f6ff5cd2a9e7<\/li>\n<li>762ba1a2f7d62b8fc206ffb1bf39e89db651a1abb584402f9939d91a5b7899d3<\/li>\n<li>77d3d79c2c53b88b557f1aad6bae6f9d6ec92c1b1c043a95894620bbbbfce4be<\/li>\n<li>79f59593d4a1a669bf8e2ef8749eb556303fbcaed032c67a52b03b696fe2f8de<\/li>\n<li>7a5d8752049afdc8060d6a27407dcddfd9d7642c14600f586767c67afe0ef64b<\/li>\n<li>7dc6eea0dd325291a06c7769b268fca01bb3d89f0e86ba4c4633bc17751a383f<\/li>\n<li>822dd6afb32059b6235ad56f931457bf82b824c977f47abc446102fe7c0647b3<\/li>\n<li>82bb86e2041f4e37187ceb93bcbc48bd8311274ef33a166c6a8e0e9ffe33b585<\/li>\n<li>837cf1d050c89e28d0a847307641c2ad9ffc94d31f692dbdf496982e951e0fdf<\/li>\n<li>84492d0457a2a1f57afd965c64c40ee63fcb3054754bdfae5046c0b940750582<\/li>\n<li>8777e47ab84fb681379b2253735aa1490d69e94201d57f06334c9ddfb1063637<\/li>\n<li>8a77f9843174a53a5909554589177ce7e32d6a36a6c6ef868e4c118f98069641<\/li>\n<li>8f5543556ed0929a755b512d58fc97643d4f3685b7b01f6e18c291e35ceb54cf<\/li>\n<li>931b1e85e19b138a4a3bf3890749b8884a5ff4a6b34c1df3b9083d7f304e5694<\/li>\n<li>97694a5bf3585ef6d1a4cb8841872fedc557bd19ee159015a74bf964fa73dde0<\/li>\n<li>97b13f8e073bf88557cf4263f5dabded8e9979e0f1aadae449241655ed0d8499<\/li>\n<li>992b72da60cc4f1756b0a6342e5e71979f54ef6eba22c4faf7106e894ca062cd<\/li>\n<li>9a62763da3dc8c1de87b50271a7b446e753016f72f5631e1c6eb17ff5425e7ab<\/li>\n<li>9e4bf806a3f6986a981fd2fb8a14f99008fda1fd38738316d12d2a742096b6e9<\/li>\n<li>aa69b3ac7b55fff5dde4491e4153954b31c36d528fdb390495b9bd7bc1a0c77b<\/li>\n<li>ae447f9cad4f4909c576c577a94aa3d38be7b9636c9b7fb04a181caca42ea92b<\/li>\n<li>ae692f3134e0fddbdf0cc41e176ede7d2a525fa8155b7b4724956ba2d51d7589<\/li>\n<li>aef1d674b7b21e3210dba61028083a6537406922b87730b9494f3a3f75eb07a3<\/li>\n<li>b32dcd47377b781c17a6ae7c88d4e1a4294d539ba8f452d980b78a9611d1cb6f<\/li>\n<li>b3afdfdd65e8d21e5a6d35969c9d315ee6f937364adaabebb5913e642d6feede<\/li>\n<li>b7b94fac1067217914d99f2d98b34c310a6c53eb36d3a430eea5df8217c4d1f8<\/li>\n<li>b8fefd64070ae89ac7d6e9f1423bcf14785d7c5ff2d7417451264710f30b54cc<\/li>\n<li>c0df164ac0af7cca5cb02e66d181bc80ed9d58cec038b82ed170ebb75b78645f<\/li>\n<li>c3ea39b0cc786dcda73821f60b42d84c9557e9e590d7f3b4a328eb7a6e6559f4<\/li>\n<li>cf0ec3f0ee8f7d538e3fa2d678d90fea26907ccf56a9dd77a7056d57b0c63bdb<\/li>\n<li>d183596356b00d86bd6a3b647b170978e47d39a3e8cb33d6e30fbb8af111e314<\/li>\n<li>d48b0c35cc931dd84664824a14b1675978b40bcaeee8aab2b06eaa0a7b41d8f3<\/li>\n<li>ded7ce9588d47885fc6a9a360e1d3561478d4be71d0971aaf76995621eb94db3<\/li>\n<li>df4e8168357559280db011eaf88088a8493b6e20df4ace06069b93c6d28af3ee<\/li>\n<li>df5ba0630a0fe701afccc129be7e9612cb4016dcc70273b748dad66dc152b6e9<\/li>\n<li>e07fe92781177ca0baf00bd456e9dabe6496ae86df1db2bd5ff5e2dcbbbee158<\/li>\n<li>e11ca4bde56d2c7711a777421b445a53601516142dc949f97477f0c1458bff1e<\/li>\n<li>e2dc3e0956a818fb22a77c50d9cfe91b7639c727db8a6838efd368ba277664b1<\/li>\n<li>e31d945930048f0c06a84942212e5a14b75cee7538fbf0c9c0e1759546c7f6b9<\/li>\n<li>e32106c161081bcea765017657215c5f97f837dc68aa51ff0f24ce9fefaac7e3<\/li>\n<li>e54d1842519820f02ab8e1560f666f112d636de74c11729b41739dfb316fa3a5<\/li>\n<li>e9bd90e5807af36bc2cca9769188a39050aa7ae6c193e67c588a73a555149f71<\/li>\n<li>eab4b5a1f32cbd0840adb19e8f189019fbf9b20508883a15d3bdecd90bffad28<\/li>\n<li>f21a9dc8f9c16a942e9c18729813bd3fb9f6e1408df68731160d7fe506f29bc6<\/li>\n<li>f31c7e7be06d8d6ec13337c76ca86b3692b3f5d7632e20b725d3542b3e316e62<\/li>\n<li>f4cf6a033aac287ff0b5171ce6f64836691b822f76705b04445f52f643da8c10<\/li>\n<\/ul>\n<h4>\u30cd\u30c3\u30c8\u30ef\u30fc\u30af<\/h4>\n<ul>\n<li>178[.]32[.]148[.]5:1337 (Command and Control)<\/li>\n<li>18[.]185[.]109[.]135:1337 (Command and Control)<\/li>\n<li>192[.]3[.]45[.]185 (Malware Hosting Server)<\/li>\n<li>164[.]132[.]92[.]180(Malware Hosting Server)<\/li>\n<li>irc[.]hoaxcalls[.]pw (Malware Hosting Server)<\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u6982\u8981 3\u6708\u306bCVE-2020-8515 \u306e\u6982\u5ff5\u5b9f\u8a3c\uff08PoC\uff09\u30b3\u30fc\u30c9\u304c\u4e00\u822c\u516c\u958b\u3055\u308c\u305f\u3068\u305f\u3093\u3001\u540c\u8106\u5f31\u6027\u306f\u65b0\u305f\u306aDDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306e\u62e1\u5927\u306e\u305f\u3081\u306b\u60aa\u7528\u3055\u308c\u306f\u3058\u3081\u307e\u3057\u305f\u3002\u3055\u3089\u306b\u5206\u6790\u3057\u305f\u7d50\u679c\u3001\u540c\u30de\u30eb\u30a6\u30a7\u30a2\u306f\u8106\u5f31\u6027CVE-2020-<\/p>\n","protected":false},"author":312,"featured_media":134420,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4469,4428,4470],"tags":[6345,6346,5769,6323],"product_categories":[4340,4444,4456],"coauthors":[1359,2070,836,887],"class_list":["post-105906","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerabilities","category-threat-research-ja","category-vulnerabilities-ja","tag-cve-2020-5722-ja","tag-cve-2020-8515","tag-ddos-ja","tag-gafgyt-ja","product_categories-advanced-wildfire","product_categories-advanced-wildfire-ja","product_categories-next-generation-firewall-ja"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8<\/title>\n<meta name=\"description\" content=\"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8CVE-2020-8515\u3001CVE-2020-5722\u3092\u60aa\u7528\u3057\u3066\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u3064\u3044\u3066\u89e3\u8aac\u3057\u307e\u3059\u3002\u4e21\u8106\u5f31\u6027\u306f\u60aa\u7528\u304c\u975e\u5e38\u306b\u5bb9\u6613\u3067\u3001\u89b3\u6e2c\u3055\u308c\u308b\u5b9f\u969b\u306e\u653b\u6483\u6570\u3082\u5897\u52a0\u3057\u3066\u3044\u307e\u3059\u3002\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\" \/>\n<meta property=\"og:description\" content=\"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8CVE-2020-8515\u3001CVE-2020-5722\u3092\u60aa\u7528\u3057\u3066\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u3064\u3044\u3066\u89e3\u8aac\u3057\u307e\u3059\u3002\u4e21\u8106\u5f31\u6027\u306f\u60aa\u7528\u304c\u975e\u5e38\u306b\u5bb9\u6613\u3067\u3001\u89b3\u6e2c\u3055\u308c\u308b\u5b9f\u969b\u306e\u653b\u6483\u6570\u3082\u5897\u52a0\u3057\u3066\u3044\u307e\u3059\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/\" \/>\n<meta property=\"og:site_name\" content=\"Unit 42\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-06T06:54:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Vulnerabilities_1920x900.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ken Hsu, Haozhe Zhang, Zhibin Zhang, Ruchna Nigam\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8","description":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8CVE-2020-8515\u3001CVE-2020-5722\u3092\u60aa\u7528\u3057\u3066\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u3064\u3044\u3066\u89e3\u8aac\u3057\u307e\u3059\u3002\u4e21\u8106\u5f31\u6027\u306f\u60aa\u7528\u304c\u975e\u5e38\u306b\u5bb9\u6613\u3067\u3001\u89b3\u6e2c\u3055\u308c\u308b\u5b9f\u969b\u306e\u653b\u6483\u6570\u3082\u5897\u52a0\u3057\u3066\u3044\u307e\u3059\u3002","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/","og_locale":"ja_JP","og_type":"article","og_title":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8","og_description":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8CVE-2020-8515\u3001CVE-2020-5722\u3092\u60aa\u7528\u3057\u3066\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u3064\u3044\u3066\u89e3\u8aac\u3057\u307e\u3059\u3002\u4e21\u8106\u5f31\u6027\u306f\u60aa\u7528\u304c\u975e\u5e38\u306b\u5bb9\u6613\u3067\u3001\u89b3\u6e2c\u3055\u308c\u308b\u5b9f\u969b\u306e\u653b\u6483\u6570\u3082\u5897\u52a0\u3057\u3066\u3044\u307e\u3059\u3002","og_url":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/","og_site_name":"Unit 42","article_published_time":"2020-04-06T06:54:31+00:00","og_image":[{"width":1920,"height":900,"url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Vulnerabilities_1920x900.jpg","type":"image\/jpeg"}],"author":"Ken Hsu, Haozhe Zhang, Zhibin Zhang, Ruchna Nigam","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/#article","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/"},"author":{"name":"Ken Hsu","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/80e3bba67119ddeae5571b8ff795eec6"},"headline":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8","datePublished":"2020-04-06T06:54:31+00:00","mainEntityOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/"},"wordCount":2366,"commentCount":0,"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/#primaryimage"},"thumbnailUrl":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Vulnerabilities_1920x900.jpg","keywords":["CVE-2020-5722","CVE-2020-8515","DDoS","Gafgyt"],"articleSection":["Vulnerabilities","\u8105\u5a01\u30ea\u30b5\u30fc\u30c1","\u8106\u5f31\u6027"],"inLanguage":"ja","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/","url":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/","name":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/#primaryimage"},"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/#primaryimage"},"thumbnailUrl":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Vulnerabilities_1920x900.jpg","datePublished":"2020-04-06T06:54:31+00:00","author":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/80e3bba67119ddeae5571b8ff795eec6"},"description":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8CVE-2020-8515\u3001CVE-2020-5722\u3092\u60aa\u7528\u3057\u3066\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8\u306b\u3064\u3044\u3066\u89e3\u8aac\u3057\u307e\u3059\u3002\u4e21\u8106\u5f31\u6027\u306f\u60aa\u7528\u304c\u975e\u5e38\u306b\u5bb9\u6613\u3067\u3001\u89b3\u6e2c\u3055\u308c\u308b\u5b9f\u969b\u306e\u653b\u6483\u6570\u3082\u5897\u52a0\u3057\u3066\u3044\u307e\u3059\u3002","breadcrumb":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/#primaryimage","url":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Vulnerabilities_1920x900.jpg","contentUrl":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/07_Vulnerabilities_1920x900.jpg","width":1920,"height":900,"caption":"A cityscape with many highrises at night. From the ground, beacons of light point upward and end in glowing dots."},{"@type":"BreadcrumbList","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/new-hoaxcalls-ddos-botnet\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/unit42.paloaltonetworks.com\/ja\/"},{"@type":"ListItem","position":2,"name":"Grandstream\u304a\u3088\u3073DrayTek\u30c7\u30d0\u30a4\u30b9\u306e\u30a8\u30af\u30b9\u30d7\u30ed\u30a4\u30c8\u3067\u62e1\u5927\u3059\u308b\u65b0\u305f\u306aHoaxcalls DDoS\u30dc\u30c3\u30c8\u30cd\u30c3\u30c8"}]},{"@type":"WebSite","@id":"https:\/\/unit42.paloaltonetworks.com\/#website","url":"https:\/\/unit42.paloaltonetworks.com\/","name":"Unit 42","description":"Palo Alto Networks","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/unit42.paloaltonetworks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/80e3bba67119ddeae5571b8ff795eec6","name":"Ken Hsu","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/image\/9213e49ea48b7676660bac40d05c9e3e","url":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","contentUrl":"https:\/\/origin-unit42.paloaltonetworks.com\/wp-content\/uploads\/2018\/11\/unit-news-meta.svg","caption":"Ken Hsu"},"url":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/author\/ken-hsu\/"}]}},"_links":{"self":[{"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/105906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/users\/312"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/comments?post=105906"}],"version-history":[{"count":7,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/105906\/revisions"}],"predecessor-version":[{"id":105913,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/105906\/revisions\/105913"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media\/134420"}],"wp:attachment":[{"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media?parent=105906"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/categories?post=105906"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/tags?post=105906"},{"taxonomy":"product_categories","embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/product_categories?post=105906"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/coauthors?post=105906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}