dir880l刷梅林固件:新的证据表明中国黑客利用Adobe Reader和IE浏览器侵入美国无人机

来源:百度文库 编辑:中财网 时间:2024/05/07 13:20:08

波音X-45C

A rash of new clues surrounding the Sykipot computer virus having its way with the U.S. drone fleet suggests the malware originated in China, and explains how it has been used.

大量的关于美军无人机群受木马病毒感染的新线索,能解释这些来自中国的恶意程序是如何被使用的。

Mathew J. Schwartz of Information Week reports the virus appears to have been designed with the sole purpose of stealing UAV data using a “zero-day” vulnerability in Adobe Reader.

来自《信息周刊》的Mathew J. Schwartz 报道称,这类病毒被设计出来的唯一目的,就是用“零日漏洞”的攻击方式,通过Adobe Reader软件上的漏洞来窃取无人机上的数据。

A zero-day attack is launched using a vulnerability unknown to a software’s developer and shared among attackers who exploit the fault before a patch is put in place.

零日漏洞攻击技术,是指黑客利用软件开发方还未知的漏洞,在补丁出来修正之前就攻击并共享其数据。

The virus was inserted into the military’s network using infected PDF files and specifically targeted to look for information on the Boeing X-45 unmanned combat air system and the Boeing X-37 orbital vehicle.

该病毒是使用受感染的PDF文件侵入到军用网络的,并专门搜寻关于波音X- 45无人作战飞机系统和波音X – 37空天飞机的信息。

The X-37 recently had its classified mission extended nine months leading to speculation about its orbital activities. China, too, seems to have questions regarding its mission.

This most recent attack seems to have begun in August 2011, but another variant of the Sykipot virus goes back to 2006. The older version used clouded script files, taking advantage of an Internet Explorer vulnerability.

X37最近的机密任务延长九个月,引发了关于它在空天轨道区域活动任务的猜测。中国看起来也很想搞清楚这些。

最近的攻击似乎在2011年8月开始了,但是另一个木马病毒的变种可以追溯到2006年。老版本病毒使用模糊的脚本文件,利用IE浏览器来攻击。

Finally, both versions used servers known as Netbox, 80 percent of which are located in China. This may explain why its documentation and error messages both come up in Mandarin.

最后,这两个版本都是用Netbox服务器发布的,其中80%来自中国。这也许能解释为什么它的文件和错误信息都是编自国语(普通话)。

除非注明,本站文章均为原创或编译,转载请注明:文章来自爬山虎------------------------------------------------------------------------------------------------------------------

*评论翻译小纸条是协同翻译工具,仅限帖子用户和译者使用,请勿随意涂改或删除小纸条内文字! 

小纸条:leo 以下评论来自:http://www.businessinsider.com/chinas-hacking-into-us-drones-using-adobe-reader-and-internet-explorer-2011-12
小纸条:leo

The Dude on Dec 22, 9:20 AM said:
There is so little info here that it actually hurts.

小纸条:雪崩挂

消息太少了,也不知道到底有多少损失。

小纸条:leo The Dude on Dec 22, 9:20 AM said: There is so little info here that it actually hurts.
小纸条:leo

aw on Dec 22, 9:31 AM said:
@The Dude: the iphone4 jailbreak was also possible thanks to an adobe pdf vulnerability.

小纸条:雪崩挂

回复楼上:Dude
iphone4的越狱应该靠的也是AdobePDF的漏洞。

小纸条:leo aw on Dec 22, 9:31 AM said: @The Dude: the iphone4 jailbreak was also possible thanks to an adobe pdf vulnerability.
小纸条:leo

Dagobar on Dec 22, 9:35 AM said:
@aw: Someone should finally put Adobe out of their misery. It seems to me they are simply unable to ever release any software that has less security holes that a Swiss cheese :-/

小纸条:雪崩挂

回复楼上:aw
看来大家应该将Adobe踢掉,以免再受苦了。就我看来,所有的程序的漏洞都多的想瑞士芝士的洞洞一样多,根本没法全部弥补完。

小纸条:leo Dagobar on Dec 22, 9:35 AM said: @aw: Someone should finally put Adobe out of their misery. It seems to me they are simply unable to ever release any software that has less security holes that a Swiss cheese :-/
小纸条:leo

kmg90 on Dec 22, 6:10 PM said:
@aw: You couldn't be more wrong. first the iOS doesn't use Adobe Reader or even allow you to install adobe reader on any iDevices. Second the exploit was in libraries in the iOS system. Nothing to do with Adobe. I hate adobe reader since version 9, I use and suggest alternative PDF readers.

Source:
http://support.apple.com/kb/HT4802

小纸条:雪崩挂

回复aw:
你错的不能再错了。首先,iOS系统是不使用AdobeReader的,就算你装了。第二,编程是在iOS系统的函数库里的。没有任何跟Adobe有关系的东西。自从Adobe9开始我就讨厌了,我建议用PDFreaders好过AdobeReader。链接:http://support.apple.com/kb/HT4802

小纸条:leo kmg90 on Dec 22, 6:10 PM said: @aw: You couldn't be more wrong. first the iOS doesn't use Adobe Reader or even allow you to install adobe reader on any iDevices. Second the exploit was in libraries in the iOS system. Nothing to do with Adobe. I hate adobe reader since version 9, I use and suggest alternative PDF readers. Source: http://support.apple.com/kb/HT4802
小纸条:leo

The Truth on Dec 22, 7:40 PM said:
@The Dude: Do not blame others for your own incompetency. Hire good software guys to protect your IP, Stupid a**.

小纸条:雪崩挂

回复Dude:
不要因为自己的无能而去责怪别人。买个好的软件来保护你自己的IP吧,213。

小纸条:leo The Truth on Dec 22, 7:40 PM said: @The Dude: Do not blame others for your own incompetency. Hire good software guys to protect your IP, Stupid a**.
小纸条:leo

Bunts Singh (URL) on Dec 22, 10:21 PM said:
@The Dude: No I think there is enough information if you are a little tech savvy. All the big Silicon Valley companies employ hundreds of Chinese software Engineers who unbeknownst to them are MOTHERLAND SPIES. They are routinely transfer data and computer code back home. They are smart to trojan some of the most widely used components like flash players or MSWord or Excel because they know most of the Non-Techies in Government or Defence use these products.

As long as White American Silicon Valley Geeks love skinny assless Chinese girls....that got a spy here and she is getting paid too by the same Corporations which she is working against.

小纸条:雪崩挂

回复Dude:
我倒是觉得只要你懂点技术就不会觉得信息少了。所有的硅谷大公司招了上百个中国程序猿,他们甚至不知道自己是天朝间谍。他们经常将数据传回中国。这些家伙很厉害,他们将木马打入一些超级多人用部件软件,如flashplayer,MS的Word/Excel,因为他们知道很多非信息技术行业的政府官员或国防官员会用到他们的软件。直到有一天,那些硅谷宅喜欢苗条性感的中国MM,然后被盗取了信息,而MM则能从雇佣她的公司那里拿大一笔不错的回报。

小纸条:leo Bunts Singh (URL) on Dec 22, 10:21 PM said: @The Dude: No I think there is enough information if you are a little tech savvy. All the big Silicon Valley companies employ hundreds of Chinese software Engineers who unbeknownst to them are MOTHERLAND SPIES. They are routinely transfer data and computer code back home. They are smart to trojan some of the most widely used components like flash players or MSWord or Excel because they know most of the Non-Techies in Government or Defence use these products. As long as White American Silicon Valley Geeks love skinny assless Chinese girls....that got a spy here and she is getting paid too by the same Corporations which she is working against.
小纸条:leo

Bunts Singh (URL) on Dec 22, 10:25 PM said:
@Bunts Singh: Using a commercial Operating system for Military components is a big fucking mistake.

I am aghast!!!!!

小纸条:飞天喵喵

军事平台使用商业化的操作系统就是T咩的错误,我太震惊了!

小纸条:leo Bunts Singh (URL) on Dec 22, 10:25 PM said: @Bunts Singh: Using a commercial Operating system for Military components is a big fucking mistake. I am aghast!!!!!
小纸条:leo

commerce exchange (URL) on Dec 22, 9:28 AM said:
If true, i don't believe the US military could be this flawed in security. But honestly i just cannot beilive it

小纸条:飞天喵喵

就算是真的,我也不信美军会在安全防范上犯下这样大的疏忽。不过说真的,我就是难以置信而已。

小纸条:leo commerce exchange (URL) on Dec 22, 9:28 AM said: If true, i don't believe the US military could be this flawed in security. But honestly i just cannot beilive it
没有证据表明那个被指控的人在犯罪现场 当有多少间接的证据时,,就可以断定或者表明这件事确实发生了?? 黑客是怎么利用上传功能的?? 中国黑客的水平如何 朋友的中国黑客6 中国最大的黑客网站 中国黑客的水平怎么样? RE:RE:RE:我的烦恼 神六上天了,表明中国的科技水平有多高? 黑客是利用什么软件攻击别人的电脑 我想知道黑客们怎样利用扫描出来的端口? 怎样知道我的电脑是否被黑客利用? 上诉时我能提供新的证据吗 有什么证据可以表明陆毅很孩子气?(很奶油) 中国的律师不可以进行证据调查吧 中国药师是国家级的吗,请找到证据 日本侵略中国的证据都有哪些??! 中国最厉害的黑客是谁 中国黑客联盟网的背景音乐是什么? 中国黑客联盟网的背景音乐是什么? 中国 最有名的黑客组织是什么 请问中国黑客联盟的背景音乐是什么? 请问中国黑客联盟的背景音乐是什么? 请问中国黑客联盟的背景音乐是什么?