{"id":16032,"date":"2020-09-14T18:37:50","date_gmt":"2020-09-14T21:37:50","guid":{"rendered":"https:\/\/www.kaspersky.com.br\/blog\/?p=16032"},"modified":"2020-09-15T18:28:37","modified_gmt":"2020-09-15T21:28:37","slug":"threats-targeting-linux","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.br\/blog\/threats-targeting-linux\/16032\/","title":{"rendered":"Is Linux an invulnerable operating system?"},"content":{"rendered":"<p><span data-contrast=\"auto\">Linux is free of malware, or so many people believed for many years. The illusion has three main causes. First, Linux was a niche system, used far less often than Windows. Second, it was used mainly by IT professionals, who are more experienced than the average user. And third, given the specifics of the system architecture, malware would have to obtain <\/span><i><span data-contrast=\"auto\">root<\/span><\/i><span data-contrast=\"auto\"> permissions somehow in order to cause damage, which greatly complicates attacks.<\/span><\/p>\n<p><span data-contrast=\"auto\">However, times change, and today Linux-based systems are catching up with Windows in some areas and have already overtaken it in others. 
Moreover, many developers are trying to make their systems friendlier for the end user, providing tools and graphical <\/span><i><span data-contrast=\"auto\">shells<\/span><\/i><span data-contrast=\"auto\"> that at first glance are indistinguishable from the easy-to-use Windows systems. This has greatly increased the popularity of Linux, but it has also attracted more error-prone users. And the growing popularity of Linux, in the strategically important server niche as well as on workstations, has attracted more attention from cybercriminals.<\/span><span data-ccp-props='{\"201341983\":0,\"335559739\":160,\"335559740\":259}'>\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">It is true that we have not yet seen a single large-scale epidemic affecting Linux-based systems. The masterminds behind targeted attacks and APT attacks are creating more and more tools tailored specifically to this family of operating systems. 
Having analyzed several sophisticated threats in recent years, our colleagues at the Global Research and Analysis Team (GReAT) found that most of today's attacker groups are seriously interested in Linux.<\/span><\/p>\n<p><span data-contrast=\"auto\">Winnti (also known as APT41 or Barium), Cloud Snooper, DarkHotel, Equation, Lazarus, Sofacy, The Dukes, The Lamberts, Turla, WildNeutron and several others have tools for attacking Linux-based machines. <\/span><span 
data-contrast=\"auto\">Another developer of tools targeting Linux is HackingTeam, a company that sells software for so-called legal surveillance to governments and law enforcement agencies. It was hacked a few years ago, and part of its know-how ended up in the hands of cybercriminals. For a more detailed description of the attacker groups and their tools, see our <\/span><a href=\"https:\/\/securelist.com\/an-overview-of-targeted-attacks-and-apts-on-linux\/98440\" target=\"_blank\" rel=\"noopener\"><span data-contrast=\"none\">Securelist blog report<\/span><\/a><span data-contrast=\"auto\">.<\/span><span data-ccp-props='{\"201341983\":0,\"335559739\":160,\"335559740\":259}'>\u00a0<\/span><\/p>\n<h2><span data-contrast=\"none\">Linux security tips<\/span><span data-ccp-props='{\"201341983\":0,\"335559738\":40,\"335559739\":0,\"335559740\":259}'>\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Our experts have developed a set of recommendations to help minimize threats to Linux systems.<\/span><span data-ccp-props='{\"201341983\":0,\"335559739\":160,\"335559740\":259}'>\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Create a list of trusted software sources for Linux, and block the installation of software and the execution of scripts from third parties;<\/span><span 
data-ccp-props='{\"134233279\":true,\"201341983\":0,\"335559739\":160,\"335559740\":276}'>\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Update software in a timely manner: configure it to update automatically, and avoid updates over unencrypted channels;<\/span><span data-ccp-props='{\"134233279\":true,\"201341983\":0,\"335559739\":160,\"335559740\":276}'>\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Configure the firewall carefully, making sure that it keeps logs and blocks all unused ports;<\/span><span data-ccp-props='{\"134233279\":true,\"201341983\":0,\"335559739\":160,\"335559740\":276}'>\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Use two-factor authentication and hardware tokens;<\/span><span data-ccp-props='{\"134233279\":true,\"201341983\":0,\"335559739\":160,\"335559740\":276}'>\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Be prepared for insider attacks: use encryption, trusted boot, and hardware integrity control tools;<\/span><span data-ccp-props='{\"134233279\":true,\"201341983\":0,\"335559739\":160,\"335559740\":276}'>\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" 
data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Periodically audit all systems, check the logs for indicators of attack, and run penetration tests;<\/span><span data-ccp-props='{\"134233279\":true,\"201341983\":0,\"335559739\":160,\"335559740\":276}'>\u00a0<\/span><\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"2\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Use a Linux server security solution.<\/span><span data-ccp-props='{\"134233279\":true,\"201341983\":0,\"335559739\":160,\"335559740\":276}'>\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">In particular, our corporate solution, <a href=\"https:\/\/www.kaspersky.com.br\/small-to-medium-business-security?icid=br_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">Kaspersky Total Security for Business<\/a>, includes components for protecting mail servers and gateways. 
You can find more detailed tips and recommendations <\/span><a href=\"https:\/\/securelist.com\/an-overview-of-targeted-attacks-and-apts-on-linux\/98440\" target=\"_blank\" rel=\"noopener\"><span data-contrast=\"none\">in this Securelist post<\/span><\/a><span data-contrast=\"auto\">.<\/span><span data-ccp-props='{\"201341983\":0,\"335559739\":160,\"335559740\":276}'>\u00a0<\/span><\/p>\n<p><span data-ccp-props='{\"201341983\":0,\"335559739\":160,\"335559740\":276}'><input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial\"><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our experts analyzed sophisticated attacks and APT campaigns targeting Linux, and provided some security recommendations.<\/p>\n","protected":false},
"author":2581,"featured_media":16033,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1119,1655],"tags":[71,1489,350],"class_list":{"0":"post-16032","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"tag-apt","10":"tag-ataques-direcionados","11":"tag-linux"},"hreflang":[{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/threats-targeting-linux\/16032\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/threats-targeting-linux\/21895\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/threats-targeting-linux\/17369\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/threats-targeting-linux\/8593\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/threats-targeting-linux\/23286\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/threats-targeting-linux\/21471\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/threats-targeting-linux\/20081\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/threats-targeting-linux\/23848\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/threats-targeting-linux\/22799\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/threats-targeting-linux\/29068\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/threats-targeting-linux\/8803\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/threats-targeting-linux\/37001\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/threats-targeting-linux\/15657\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/threats-targeting-linux\/13973\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/threats-targeting-linux\/25138\/"},{"hreflang":"zh","url":"https:\/\/w
ww.kaspersky.com.cn\/blog\/threats-targeting-linux\/11957\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/threats-targeting-linux\/29222\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/threats-targeting-linux\/26066\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/threats-targeting-linux\/22869\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/threats-targeting-linux\/28189\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/threats-targeting-linux\/28021\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.br\/blog\/tag\/linux\/","name":"Linux"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/posts\/16032","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/comments?post=16032"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/posts\/16032\/revisions"}],"predecessor-version":[{"id":16034,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/posts\/16032\/revisions\/16034"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/media\/16033"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/media?parent=16032"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/categories?post=16032"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/tags?post=16032"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}