{"id":5609,"date":"2023-11-07T23:17:39","date_gmt":"2023-11-07T22:17:39","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=5609"},"modified":"2023-11-07T23:19:38","modified_gmt":"2023-11-07T22:19:38","slug":"trap-stealer-krade-podatke-za-samo-6-sekundi","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2023\/11\/07\/trap-stealer-krade-podatke-za-samo-6-sekundi\/","title":{"rendered":"Trap Stealer steals data in just 6 seconds"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">Information stealers continue to evolve with increasingly sophisticated features, and the wide availability of open-source code has played a key role in the emergence of numerous stealers, including <em>Trap Stealer<\/em>, which was <a href=\"https:\/\/cyble.com\/blog\/new-open-source-trap-stealer-pilfers-data-in-just-6-seconds\/\" target=\"_blank\" rel=\"noopener\">discovered by security researchers at <em>Cyble Research and Intelligence Labs<\/em> (<em>CRIL<\/em>)<\/a>.<\/span><\/p>\n<div id=\"attachment_5612\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-5612\" class=\"size-full wp-image-5612\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/11\/Trap-Stealer.jpg\" alt=\"Trap Stealer infostealer\" width=\"1024\" height=\"1024\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/11\/Trap-Stealer.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/11\/Trap-Stealer-300x300.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/11\/Trap-Stealer-150x150.jpg 150w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/11\/Trap-Stealer-768x768.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/11\/Trap-Stealer-12x12.jpg 12w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/11\/Trap-Stealer-80x80.jpg 80w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/11\/Trap-Stealer-320x320.jpg 320w\" 
sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-5612\" class=\"wp-caption-text\"><em>Trap Stealer: Source: Bing Image Creator<\/em><\/p><\/div>\n<h2><span class=\"ez-toc-section\" id=\"TRAP_STEALER\"><\/span><span style=\"font-size: 14pt;\"><strong><em>TRAP STEALER<\/em><\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>Trap Stealer<\/em> is a <em>Python<\/em>-based information stealer built from open-source code. Its functionality ranges from bypassing security measures to stealing user <a href=\"https:\/\/sajberinfo.com\/en\/2023\/04\/16\/podaci-uvod-epizoda-1\/\" target=\"_blank\" rel=\"nofollow noopener\">data<\/a> and sending it to the <a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/19\/hakeri-crni-sesiri-epizoda-3\/\" target=\"_blank\" rel=\"nofollow noopener\">threat actor<\/a>.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">This stealer is designed to covertly extract a wide range of sensitive information from a compromised system, including cookies, browsing history from all web browsers, tokens from <em>Discord<\/em> applications, clipboard contents, crypto wallet data, <em>WhatsApp<\/em> files and more. The collected data is formatted and sent via the <em>Discord<\/em> platform. 
The stealer also has an optional crasher module that attempts to trigger a system crash once the threat actor has retrieved the data from the device.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The threat actor behind this stealer has publicly shared its complete source code on <a href=\"https:\/\/github.com\/TheCuteOwl\/Trap-Stealer\" target=\"_blank\" rel=\"noopener\">GitHub<\/a>. Notably, the threat actor keeps improving the stealer's code by introducing new functions and capabilities, and explicitly states that the stealer can capture victims' data in just 6 seconds.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"FUNKCIONALNOST\"><\/span><span style=\"font-size: 14pt;\"><strong>FUNCTIONALITY<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">The build process starts when the <em>Python<\/em> script “<em>builder.py<\/em>” is executed in the <em>Trap Stealer<\/em> setup folder. In the next step, a <em>Discord<\/em> <em>webhook<\/em> address is requested until a valid <em>webhook<\/em> address is entered; it serves as the remote server through which the threat actor collects the stolen data. In addition, there are the following modules:<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Lazni_generator\"><\/span><strong><span style=\"font-size: 14pt;\">Fake generator<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">The tool includes another deceptive module that allows the threat actor to camouflage the malicious code behind a gift card code generator. 
This module simulates the generation of fake <em>Discord<\/em> gift card codes.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Modul_za_ubacivanje\"><\/span><strong><span style=\"font-size: 14pt;\">Injection module<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">This module is designed to modify a core <em>Discord<\/em> file, specifically the file “<em>index.js<\/em>”, in order to enable unauthorized monitoring of user actions and covert retrieval of sensitive information from the compromised <em>Discord<\/em> account.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Pokretanje\"><\/span><strong><span style=\"font-size: 14pt;\">Startup<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">The purpose of this module is to create a copy of <em>Trap Stealer<\/em> with a random file name in a user-specific directory. 
In addition, it creates a startup entry in the Windows registry, ensuring that the stealer runs when the system starts.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Anti-debugging\"><\/span><strong><span style=\"font-size: 14pt;\"><em>Anti-debugging<\/em><\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">This module aims to identify the presence of debuggers or any analysis tools running on the system, and to assess whether the system is a physical or a virtual machine.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Anti-Spammer\"><\/span><strong><span style=\"font-size: 14pt;\"><em>Anti-Spammer<\/em><\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">This module limits the frequency of the stealer's actions, including the retrieval of sensitive files and data, ensuring that they cannot occur more often than once every 30 minutes. 
This approach is designed to reduce the risk of detection or disruption by security systems and monitoring tools.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Topionica\"><\/span><strong><span style=\"font-size: 14pt;\">Melter<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">This module is designed to remove the <em>Trap Stealer<\/em> executable from the system after the data theft operation is complete.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Rusilac\"><\/span><strong><span style=\"font-size: 14pt;\">Crasher<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">This code is designed to modify system privileges and deliberately trigger a specific hard error, resulting in an intentional system crash.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZAKLJUCAK\"><\/span><span style=\"font-size: 14pt;\"><strong>CONCLUSION<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">Users and security professionals are witnessing constant innovation by threat actors, who keep developing new techniques and patterns. They adapt and expand in parallel with the continuous creation of new applications and tools. 
In this example we are witnessing the evolution of <em>Trap Stealer<\/em>, a <em>Python<\/em>-based tool that exhibits a range of sophisticated functions and is particularly adept at extracting private information from platforms such as <em>Discord<\/em>, <em>WhatsApp<\/em> and other applications.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Since this stealer appears to be under development, it is highly likely that a new version will emerge, equipped with additional functions designed to improve stealth and target a wider range of applications. This highlights the dynamic and constantly evolving nature of threats to <a href=\"https:\/\/sajberinfo.com\/en\/2018\/12\/23\/sajber-bezbjednost\/\" target=\"_blank\" rel=\"nofollow noopener\">cyber security<\/a> and the ongoing need for proactive measures to protect against them.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZASTITA\"><\/span><span style=\"font-size: 14pt;\"><strong>PROTECTION<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ul>\n<li><span style=\"font-size: 14pt;\">Buy software online only from trusted sources.<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Be wary of tempting offers posted by threat actors in the form of fake generators or spamming tools.<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">It is advisable to disable automatic password saving in web browsers and to store passwords in password managers instead.<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Use reliable and trusted <a href=\"https:\/\/sajberinfo.com\/en\/2021\/08\/17\/antivirusni-softver\/\" target=\"_blank\" rel=\"nofollow noopener\">antivirus solutions<\/a> on connected devices, including computers, laptops and smartphones.<\/span><\/li>\n<\/ul>","protected":false},"excerpt":{"rendered":"<p>Information stealers continue to evolve with increasingly sophisticated features, and the wide availability of open-source code has played a key role in the emergence of numerous stealers, including Trap Stealer, which was discovered by security researchers&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":5612,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[148,564],"class_list":["post-5609","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-infostealer","tag-trap-stealer"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/5609","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=5609"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/5609\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/5612"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=5609"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=5609"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=5609"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}