{"id":3197,"date":"2017-06-14T23:51:55","date_gmt":"2017-06-14T22:51:55","guid":{"rendered":"http:\/\/meiobyte.com\/mb\/?p=3197"},"modified":"2017-06-15T00:12:14","modified_gmt":"2017-06-14T23:12:14","slug":"check-point-alerta-para-o-jaff-um-novo-ransomware-que-se-transmite-por-email","status":"publish","type":"post","link":"https:\/\/meiobyte.com\/mb\/check-point-alerta-para-o-jaff-um-novo-ransomware-que-se-transmite-por-email\/","title":{"rendered":"Check Point alerta para o JAFF, um novo ransomware que se transmite por email"},"content":{"rendered":"<p style=\"text-align: justify;\">A <u><a href=\"http:\/\/www.checkpoint.com\/\">Check Point\u00ae Software Technologies Ltd.<\/a> <\/u>(Nasdaq: CHKP), o maior fabricante mundial especializado em seguran\u00e7a, descobriu um novo ransomware, chamado JAFF, que \u00e9 enviado atrav\u00e9s da botnet Necurs.<\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/botnet-600x450.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"size-thumbnail wp-image-3199 alignleft\" src=\"http:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/botnet-600x450-150x150.jpg\" alt=\"\" width=\"150\" height=\"150\" srcset=\"https:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/botnet-600x450-150x150.jpg 150w, https:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/botnet-600x450-65x65.jpg 65w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/><\/a>Necurs \u00e9 um dos distribuidores de malware mais eficazes de toda a rede. No passado, foi o respons\u00e1vel pela infe\u00e7\u00e3o de milh\u00f5es de equipamentos com o ransomware Locky e o Trojan banc\u00e1rio Dridex. Durante os primeiros dias de atividade do JAFF, foram enviados mais de 10.000 emails corruptos por hora.<\/p>\n<p style=\"text-align: justify;\">O m\u00e9todo de propaga\u00e7\u00e3o \u00e9 o seguinte: os equipamentos infetados pelo Necurs enviam emails com Spam com um ficheiro PDF anexo. Quando o utilizador o abre, encontra um documento de texto com macros incrustadas, que pedem permiss\u00e3o para ser executadas. Ao faz\u00ea-lo, a v\u00edtima descarrega e instala o JAFF de forma involunt\u00e1ria. O ransomware sequestra os ficheiros do computador e mostra este texto no ecr\u00e3:<\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/aa.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-3198\" src=\"http:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/aa.jpg\" alt=\"\" width=\"1024\" height=\"541\" srcset=\"https:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/aa.jpg 1024w, https:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/aa-300x158.jpg 300w, https:\/\/meiobyte.com\/mb\/wp-content\/uploads\/2017\/06\/aa-768x406.jpg 768w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/p>\n<p style=\"text-align: justify;\">A url que aparece na imagem pertence \u00e0 Deep Web e pede um pagamento de 2,047 BitCoins (mais de 5.000 euros) para decifrar os ficheiros do equipamento infetado. A Check Point recomenda aos utilizadores e empresas afetadas que n\u00e3o paguem o resgate, j\u00e1 que n\u00e3o h\u00e1 qualquer garantia que os cibercriminosos devolvam aos utilizadores o controlo sobre os seus ficheiros.<\/p>\n<p style=\"text-align: justify;\">Para saber mais acerca do JAFF, visite o blogue da Check Point:<\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/blog.checkpoint.com\/2017\/05\/11\/jaff-new-ransomware-town-widely-spread-infamous-necurs-botnet\/\">http:\/\/blog.checkpoint.com\/2017\/05\/11\/jaff-new-ransomware-town-widely-spread-infamous-necurs-botnet\/<\/a><\/p>\n<p style=\"text-align: justify;\"><strong>Fonte: Adding Value<\/strong><\/p>\n<a href=\"http:\/\/www.facebook.com\/share.php?u=https%3A%2F%2Fmeiobyte.com%2Fmb%2Fcheck-point-alerta-para-o-jaff-um-novo-ransomware-que-se-transmite-por-email%2F&amp;t=Check%20Point%20alerta%20para%20o%20JAFF%2C%20um%20novo%20ransomware%20que%20se%20transmite%20por%20email\" id=\"facebook_share_both_3197\" style=\"font-size:11px; line-height:13px; font-family:'lucida grande',tahoma,verdana,arial,sans-serif; text-decoration:none; padding:2px 0 0 20px; height:16px; background:url(http:\/\/b.static.ak.fbcdn.net\/images\/share\/facebook_share_icon.gif) no-repeat top left;\">Partilhe no Facebook<\/a>\n\t<script type=\"text\/javascript\">\n\t<!--\n\tvar button = document.getElementById('facebook_share_link_3197') || document.getElementById('facebook_share_icon_3197') || document.getElementById('facebook_share_both_3197') || document.getElementById('facebook_share_button_3197');\n\tif (button) {\n\t\tbutton.onclick = function(e) {\n\t\t\tvar url = this.href.replace(\/share\\.php\/, 'sharer.php');\n\t\t\twindow.open(url,'sharer','toolbar=0,status=0,width=626,height=436');\n\t\t\treturn false;\n\t\t}\n\t\n\t\tif (button.id === 'facebook_share_button_3197') {\n\t\t\tbutton.onmouseover = function(){\n\t\t\t\tthis.style.color='#fff';\n\t\t\t\tthis.style.borderColor = '#295582';\n\t\t\t\tthis.style.backgroundColor = '#3b5998';\n\t\t\t}\n\t\t\tbutton.onmouseout = function(){\n\t\t\t\tthis.style.color = '#3b5998';\n\t\t\t\tthis.style.borderColor = '#d8dfea';\n\t\t\t\tthis.style.backgroundColor = '#fff';\n\t\t\t}\n\t\t}\n\t}\n\t-->\n\t<\/script>\n\t<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>A Check Point\u00ae Software Technologies Ltd. (Nasdaq: CHKP), o maior fabricante mundial especializado em seguran\u00e7a, descobriu um novo ransomware, chamado JAFF, que \u00e9 enviado atrav\u00e9s da botnet Necurs. Necurs \u00e9 um dos distribuidores de malware mais eficazes de toda a rede. No passado, foi o respons\u00e1vel pela infe\u00e7\u00e3o de milh\u00f5es de equipamentos com o ransomware [&hellip;]<!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n<a href=\"http:\/\/www.facebook.com\/share.php?u=https%3A%2F%2Fmeiobyte.com%2Fmb%2Fcheck-point-alerta-para-o-jaff-um-novo-ransomware-que-se-transmite-por-email%2F&amp;t=Check%20Point%20alerta%20para%20o%20JAFF%2C%20um%20novo%20ransomware%20que%20se%20transmite%20por%20email\" id=\"facebook_share_both_3197\" style=\"font-size:11px; line-height:13px; font-family:'lucida grande',tahoma,verdana,arial,sans-serif; text-decoration:none; padding:2px 0 0 20px; height:16px; background:url(http:\/\/b.static.ak.fbcdn.net\/images\/share\/facebook_share_icon.gif) no-repeat top left;\">Partilhe no Facebook<\/a>\n\t<script type=\"text\/javascript\">\n\t<!--\n\tvar button = document.getElementById('facebook_share_link_3197') || document.getElementById('facebook_share_icon_3197') || document.getElementById('facebook_share_both_3197') || document.getElementById('facebook_share_button_3197');\n\tif (button) {\n\t\tbutton.onclick = function(e) {\n\t\t\tvar url = this.href.replace(\/share\\.php\/, 'sharer.php');\n\t\t\twindow.open(url,'sharer','toolbar=0,status=0,width=626,height=436');\n\t\t\treturn false;\n\t\t}\n\t\n\t\tif (button.id === 'facebook_share_button_3197') {\n\t\t\tbutton.onmouseover = function(){\n\t\t\t\tthis.style.color='#fff';\n\t\t\t\tthis.style.borderColor = '#295582';\n\t\t\t\tthis.style.backgroundColor = '#3b5998';\n\t\t\t}\n\t\t\tbutton.onmouseout = function(){\n\t\t\t\tthis.style.color = '#3b5998';\n\t\t\t\tthis.style.borderColor = '#d8dfea';\n\t\t\t\tthis.style.backgroundColor = '#fff';\n\t\t\t}\n\t\t}\n\t}\n\t-->\n\t<\/script>\n\t","protected":false},"author":1,"featured_media":3200,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[48,3,7],"tags":[59,214,60,58,33,31],"class_list":["post-3197","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-adding-value","category-alerta-de-seguranca","category-atualidade","tag-adding-value","tag-alecsander","tag-check-point","tag-meio-byte","tag-seguranca-2","tag-virus"],"_links":{"self":[{"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/posts\/3197"}],"collection":[{"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/comments?post=3197"}],"version-history":[{"count":1,"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/posts\/3197\/revisions"}],"predecessor-version":[{"id":3201,"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/posts\/3197\/revisions\/3201"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/media\/3200"}],"wp:attachment":[{"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/media?parent=3197"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/categories?post=3197"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/meiobyte.com\/mb\/wp-json\/wp\/v2\/tags?post=3197"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}