æ¬ç¨¿ã¯2017å¹´5æ17æ¥ã«åçãå ¬éãããä»ããã§ããWannaCry対çãã®æ¹è¨è¨äºã§ãï¼SMBv1ãç¡å¹åããããã®æé ã¨æ³¨æç¹ã追è¨ãã¾ããï¼ã 2017å¹´5æããWannaCryï¼Wanna CryptãWannaCryptorãWcryï¼ï¼1ããªã©ã¨å¼ã°ããã©ã³ãµã ã¦ã§ã¢ãä¸çä¸ã§çå¨ãæ¯ãã£ããå»çæ©é¢ãªã©ã§æ·±å»ãªè¢«å®³ãçãã¦ããä»ãæ¥æ¬ã§ã被害ãå ±éããã¦ããã
ä¸çä¸ã§çå¨ãæ¯ãã£ãã©ã³ãµã ã¦ã§ã¢ãWannaCryãã«ææããPCã®98ï¼ ã¯ãWindows 7ãæè¼ã ã£ãââããã·ã¢ã®ã»ãã¥ãªãã£ä¼æ¥Kaspersky Labã®ã°ãã¼ãã«ãªãµã¼ãæ å½ãã£ã¬ã¯ã¿ã¼ãã³ã¹ãã£ã³ã»ã©ã¤ã¦æ°ã5æ19æ¥ï¼ç¾å°æéï¼ãèªèº«ã®Twitterã¢ã«ã¦ã³ãã§ãã¼ã¸ã§ã³å¥ææçã°ã©ãããã¤ã¼ãããã ãWannaCryã®Windowsãã¼ã¸ã§ã³å¥ææã§ãææªã ã£ãã®ã¯Windows 7 x64ã ã£ããWindows XPã¯ã»ã¨ãã©ãªããã¨èª¬æããã ãWindows 7ãã¯ã¾ã ç±³Microsoftã®ãµãã¼ã対象ã§ãããWannaCryãåé¿ããããã®ã»ãã¥ãªãã£ã¢ãããã¼ãã¯WannaCryã¾ã延ã®2ã«æåã«ã¯å ¬éããã¦ããã Microsoftã¯WannaCryçºçç´å¾ã«ãµãã¼ããçµäºããWindows XPãªã©ã«å¯¾ãã¦ãã»ãã¥ãªãã£ããããå ¬éããããKaspe
å½å ã§ã大ããªè©±é¡ã¨ãªã£ã¦ããã©ã³ãµã ã¦ã§ã¢ãWannaCryãã§ããã5æ12æ¥ã®ä¸ççãªå¤§è¦æ¨¡æ¡æ£ä»¥éããã®ä¾µå ¥ã¨æ¡æ£ã«ã¤ãã¦å¤§ããªçå符ãä»ããã¾ã¾ã¨ãªã£ã¦ãã¾ããããã¬ã³ããã¤ã¯ãã§ã¯ä¾µå ¥ã¨æ¡æ£ã®ææ³ã«ã¤ãã¦æ¢ããããWannaCry ã®ã¯ã¼ã æ´»åã«ã¤ãã¦å¾¹åºè§£æãè¡ãã¾ãããWannaCry ã¯ã¯ã¼ã æ´»åã¨ãã¦ã¯ Windows ã®ãMS17-010ãã®èå¼±æ§ã®å©ç¨ã確èªãã¦ãã¾ããããã®è§£æã§ã¯åæã«ããã¯ãã¢ãã¼ã«ãDoublePulsarããå©ç¨ãã詳細ãªæ´»åå 容ã確èªã§ãã¾ããã ãã¬ã³ããã¤ã¯ãã®è§£æã®çµæã以ä¸ã®ã¯ã¼ã æ´»åã®ããã¼ãæããã«ãªãã¾ããã æ»æ対象ã®ã¹ãã£ã³ï¼ 1.1ããã¼ã«ã«ãããã¯ã¼ã¯å ã®ç«¯æ«ãåæãã¹ãã£ã³ãã 1.2ãã°ãã¼ãã«ããã¼ã«ã«å«ããç¡ä½çºãªIPã¢ãã¬ã¹ã«å¯¾ãã¦ãã¹ãã£ã³ãã ã¹ãã£ã³å¯¾è±¡ã®ç«¯æ«ã« SMB ã® 445çªãã¼ãã§æ¥ç¶ããã
2017å¹´5æ12æ¥å¤ï¼æ¥æ¬æéï¼ããä¸çåå°ã§æ¥éã«æææ¡å¤§ããæå·ååã©ã³ãµã ã¦ã§ã¢ãWannaCryãã®è¢«å®³ã¯ããã®æå·ååã©ã³ãµã ã¦ã§ã¢ãæã¤ãkill switch ãã®ãã¡ã¤ã³ç»é²ã«ãã£ã¦è»½æ¸ããã¾ãããããããä»ã®ãµã¤ãã¼ç¯ç½ªè ã«ããé¡ä¼¼ãã«ã¦ã§ã¢ãåºç¾ããã®ã¯æéã®åé¡ã§ãããæå·ååã©ã³ãµã ã¦ã§ã¢ãUIWIXï¼ãRANSOM_UIWIX.Aãã¨ãã¦æ¤åºï¼ããææPCãå©ç¨ãã¦ä»®æ³é貨ã®çºæãè¡ãããã¤ã®æ¨é¦¬åãã«ã¦ã§ã¢ãAdylkuzzï¼ãTROJ_COINMINER.WNãã¨ãã¦æ¤åºï¼ãã®åºç¾ã¯ãã®è¯ãä¾ã§ãã â ãUIWIXãã¯ãWannaCryãã¨ã¯å¥ã®ãã¡ã㪠ããã«é²åãã WannaCry ã®æ°ãããã¼ã¸ã§ã³ã ã¨ããå ±éã¨ã¯ç°ãªãããã¬ã³ããã¤ã¯ãã«ããç¾å¨é²è¡ä¸ã®è§£æã«ããã¨ãUIWIX ã¯åãèå¼±æ§ãæªç¨ãã¦ãããã®ã®ãWannaCryã¨ã¯å¥ã®æ°ãããã¡ã
2017å¹´3æ15æ¥(æ¥æ¬æé)ã«Microsoft製åã«é¢ããèå¼±æ§ã®ä¿®æ£ããã°ã©ã MS17-010ãå ¬è¡¨ããã¾ããã ãã®èå¼±æ§ãã©ã³ãµã ã¦ã§ã¢ã®ææã«æªç¨ããå½å ãå«ãä¸çåå½ã§è¢«å®³ã確èªãããè±å½ã§ã¯å»çæ©é¢ã«ããã¦æ¥åã«æ¯éãåºããªã©ã®æ·±å»ãªå½±é¿ãçºçãã¦ãã¾ãã ã©ã³ãµã ã¦ã§ã¢ã«ææããã¨ã³ã³ãã¥ã¼ã¿ã®ãã¡ã¤ã«ãæå·åãããã³ã³ãã¥ã¼ã¿ã使ç¨ã§ããªã被害ãçºçããå¯è½æ§ãããã¾ãã ä»å観測ããã¦ããã©ã³ãµã ã¦ã§ã¢ã¯ Wanna Cryptor ã¨å¼ã°ãããã«ã¦ã§ã¢ (WannaCrypt, WannaCry, WannaCryptor, Wcry çã¨ãå¼ã°ãã) ã®äºç¨®ã§ããã¨èãããã¾ãã â»ã©ã³ãµã ã¦ã§ã¢ã¨ã¯ããRansomï¼èº«ä»£éï¼ãã¨ãSoftwareï¼ã½ããã¦ã§ã¢ï¼ããçµã¿åãããé èªã§ããææãããã½ã³ã³ã«ç¹å®ã®å¶éãããããã®å¶éã®è§£é¤ã¨å¼ãæãã«ééãè¦æ±
æ å ±å¦çæ¨é²æ©æ§ï¼IPAï¼ã¯2017å¹´5æ14æ¥ãç·æ¥è¨è ä¼è¦ãéããä¸çåå½ã§ææãåºãããæ·±å»ãªè¢«å®³ãããããã¦ãããã©ã³ãµã ï¼èº«ä»£éï¼ã¦ã¨ã¢ãã¸ã®æ³¨æãå¼ã³ããããã©ã³ãµã ã¦ã¨ã¢ã¯PCããµã¼ãã¼ãªã©ã®ãã¼ã¿ãæå·åãã復å·ã®ããã®ééãè¦æ±ãããã«ã¦ã¨ã¢ï¼æªæã®ããã½ããã¦ã¨ã¢ï¼ãIPAã®æè¡æ¬é¨ ã»ãã¥ãªãã£ã»ã³ã¿ã¼ ã»ã³ã¿ã¼é·ã®æ±å£ ç´ä¸æ°ã¯ããï¼ææ¥15æ¥ï¼æææ¥ã®æ¥åéå§æãä¸å¯©ãªã¡ã¼ã«ãéããªãããã«ååã«æ³¨æãã¦ããã©ãã«ãæªç¶ã«é²ãã§ã»ãããã¨è¨´ããã ä»åææãåºãã£ã¦ããã®ã¯ãWanna Cryptorãã¨å¼ã°ããã©ã³ãµã ã¦ã§ã¢ã®äºç¨®ã¨ã¿ããããç±³ãã¤ã¯ãã½ããã®Windows製åã®èå¼±æ§ï¼CVE-2017-0145ï¼ãçã£ã¦ææãããã®ã§ããã®èå¼±æ§ã対çããä¿®æ£ããã°ã©ã (MS17-010) ã¯2017å¹´3æ15æ¥ã«æä¾ããã¦ãããããµãã¼ãåãã§ä¿®æ£ããã°ã©
ãã¬ã³ããã¤ã¯ãã¯ãæ·±å»ãªæå·ååã©ã³ãµã ã¦ã§ã¢ãä¸çåå½ã§æ»æãè¡ã£ã¦ããäºå®ã確èªãã¾ããããã®æ»æã¯ã2017å¹´3æããã³ 4æã«æããã«ãªã£ãã»ãã¥ãªãã£ä¸ã®ãªã¹ã¯ãçµã¿åãããã¦å®è¡ããã¾ãããããã2ã¤ã®ãªã¹ã¯ã®å 1ã¤ã¯ãWindows SMB ã®ãªã¢ã¼ãã§ã³ã¼ããå®è¡ãããèå¼±æ§ãCVE-2017-0144ã㧠Microsoft ã®3æã®ã»ãã¥ãªãã£æ å ±ã«ããæããã«ãªããå社ã¯åé¡ã®èå¼±æ§ã«å¯¾ããæ´æ°ããã°ã©ã ãå ¬éãã¾ããããã1ã¤ã¯ãæå·ååã©ã³ãµã ã¦ã§ã¢ãWannaCryï¼Wcryãã§ãåå¹´4æã« Dropboxã®URLãæªç¨ãã¦æ¡æ£ããæå·ååã©ã³ãµã ã¦ã§ã¢ã¨ãã¦ç¢ºèªããã¾ããã ä»åã®æ»æã§ä½¿ãããæå·ååã©ã³ãµã ã¦ã§ã¢ãWannaCryï¼Wcryãã¯ããRANSOM_WANA.Aï¼ã¯ãï¼ãããã³ãRANSOM_WCRY.Iï¼ãããªã¥ã¼ã¯ã©ã¤ï¼ãã¨ãã¦æ¤åºãã
2017å¹´5æ12æ¥é ãããä¸çåå°ã§ã©ã³ãµã ã¦ã§ã¢ã«ææãã被害ãç¸æ¬¡ãã§å ±åããã¦ãã¾ããã©ã³ãµã ã¦ã§ã¢ã¯WannaCryçã¨ååãä»ãããã¦ãããã®ã§ãããã«ææããåå ã¨ãã¦ãWindowsã®èå¼±æ§ãåã³ãã®èå¼±æ§ãç¨ããNSAãéçºãããã¼ã«ãé¢ä¿ãã¦ããå¯è½æ§ãããã¨åå½ã®CSIRTãã»ãã¥ãªãã£ãã³ãã注æåèµ·çãå ¬éãã¦ãã¾ããMicrosoftã¯ä»åã®ææäºæ¡ãåããWindowsXPãªã©ã®ãµãã¼ããåããOSã対象ã¨ããç·æ¥ã®æ´æ°ããã°ã©ã ãå ¬éãã¾ããã ããã§ã¯ãã®ä¸çä¸ã§çºçããã©ã³ãµã ã¦ã§ã¢ WannaCry ã®ææ被害ãªã©ã«ã¤ãã¦ã¾ã¨ãã¾ãã ã¤ã³ã·ãã³ãã¿ã¤ã ã©ã¤ã³ 以ä¸ã¯ä¸»ã«å½å ã®é¢é£äºè±¡ãæ´çãããã®ã æ¥æ åºæ¥äº 2016å¹´9æ16æ¥ MicrosoftãSMBv1ã®ä½¿ç¨åæ¢ãå¼·ãæ¨å¥¨ããè¨äºãå ¬éã 2017å¹´1æ16æ¥ US-CERTãSMBv1
ãªãªã¼ã¹ãé害æ å ±ãªã©ã®ãµã¼ãã¹ã®ãç¥ãã
ææ°ã®äººæ°ã¨ã³ããªã¼ã®é ä¿¡
å¦çãå®è¡ä¸ã§ã
j次ã®ããã¯ãã¼ã¯
kåã®ããã¯ãã¼ã¯
lãã¨ã§èªã
eã³ã¡ã³ãä¸è¦§ãéã
oãã¼ã¸ãéã
{{#tags}}- {{label}}
{{/tags}}