{"id":6013,"date":"2024-02-03T19:59:24","date_gmt":"2024-02-03T18:59:24","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=6013"},"modified":"2024-02-03T19:59:24","modified_gmt":"2024-02-03T18:59:24","slug":"anydesk-hakovan","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2024\/02\/03\/anydesk-hakovan\/","title":{"rendered":"AnyDesk hakovan"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\"><em>AnyDesk<\/em> hakovan <a href=\"https:\/\/anydesk.com\/en\/public-statement\" target=\"_blank\" rel=\"noopener\">potvrdila je ova kompanija<\/a>, govore\u0107i o sajber napadu koji je omogu\u0107io <a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/19\/hakeri-crni-sesiri-epizoda-3\/\" target=\"_blank\" rel=\"nofollow noopener\">napada\u010dima<\/a> da dobiju pristup proizvodnim sistemima kompanije. Prema dostupnim informacijama, izvorni k\u00f4d i klju\u010devi za potpisivanje privatnog k\u00f4da su ukradeni tokom napada.<\/span><\/p>\n<div id=\"attachment_6014\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-6014\" class=\"size-full wp-image-6014\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/AnyDesk-hack.jpg\" alt=\"AnyDesk hakovan\" width=\"1024\" height=\"1024\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/AnyDesk-hack.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/AnyDesk-hack-300x300.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/AnyDesk-hack-150x150.jpg 150w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/AnyDesk-hack-768x768.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/AnyDesk-hack-12x12.jpg 12w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/AnyDesk-hack-80x80.jpg 80w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/AnyDesk-hack-320x320.jpg 320w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-6014\" class=\"wp-caption-text\"><em>AnyDesk hakovan; Source: Bing Image Creator<\/em><\/p><\/div>\n<p><span style=\"font-size: 14pt;\"><em> <div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Sadr\u017eaj<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewbox=\"0 0 24 24\" version=\"1.2\" baseprofile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/sajberinfo.com\/en\/2024\/02\/03\/anydesk-hakovan\/#ANYDESK_HAKOVAN\">ANYDESK HAKOVAN<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/sajberinfo.com\/en\/2024\/02\/03\/anydesk-hakovan\/#Kada_se_desio_ovaj_incident\">Kada se desio ovaj incident?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/sajberinfo.com\/en\/2024\/02\/03\/anydesk-hakovan\/#Da_li_je_ovo_kompromis_lanca_snabdijevanja\">Da li je ovo kompromis lanca snabdijevanja?<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/sajberinfo.com\/en\/2024\/02\/03\/anydesk-hakovan\/#ZASTITA\">ZA\u0160TITA<\/a><\/li><\/ul><\/nav><\/div>\n<\/em><\/span><\/p>\n<p><span style=\"font-size: 14pt;\"><em>AnyDesk<\/em> je rje\u0161enje za daljinski pristup koje korisnicima omogu\u0107ava daljinski pristup ra\u010dunarima preko mre\u017ee ili interneta. Program je veoma popularan me\u0111u poslovnim organizacijama, koje ga koriste za daljinsku podr\u0161ku ili za pristup serverima koji se nalaze na udaljenoj lokaciji lokaciji. <\/span><span style=\"font-size: 14pt;\"><em>AnyDesk<\/em> ima preko 170.000 kupaca, uklju\u010duju\u0107i <em>Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam<\/em> i <em>Thales<\/em>.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ANYDESK_HAKOVAN\"><\/span><span style=\"font-size: 14pt;\"><strong><em>ANYDESK<\/em> HAKOVAN<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">Kompanija <em>AnyDesk<\/em> je saznala za napad nakon otkrivanja naznaka incidenta na njihovim proizvodim serverima. Nakon sprovo\u0111enja bezbjednosne revizije, utvrdili su da su njihovi sistemi kompromitovani i aktivirali <a href=\"https:\/\/sajberinfo.com\/en\/2020\/10\/26\/plan-odgovora-na-sajber-prijetnju\/\" target=\"_blank\" rel=\"nofollow noopener\">plan odgovora na sajber prijetnju<\/a> uz pomo\u0107 kompanije za sajber bezbjednost <em>CrowdStrike<\/em>.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Kompanija nije podijelila detalje o tome da li su podaci ukradeni tokom napada. Me\u0111utim, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/anydesk-says-hackers-breached-its-production-servers-reset-passwords\/\" target=\"_blank\" rel=\"noopener\"><em>BleepingComputer<\/em> je saznao<\/a> da su zlonamjerni akteri ukrali izvorni k\u00f4d i certifikate za potpisivanje k\u00f4da. Kompanija <em>AnyDesk<\/em> je tako\u0111e potvrdila da nema znakova <em>ransomware<\/em> napada, ali nije podijelila previ\u0161e informacija o napadu, osim \u0161to je rekla da su njihovi serveri kompromitovani, pri \u010demu se objava uglavnom fokusirala na to kako su reagovali na incident.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Kao dio svog odgovora, <em>AnyDesk<\/em> ka\u017ee da su opozivali certifikate vezane za bezbjednost i po potrebi popravili ili zamijenili sisteme. Tako\u0111e su uvjerili kupce da je <em>AnyDesk<\/em> bezbjedan za kori\u0161tenje i da nema dokaza da su ure\u0111aji krajnjeg korisnika pogo\u0111eni incidentom.<\/span><\/p>\n<blockquote><p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;\"><em>\u201cMo\u017eemo potvrditi da je situacija pod kontrolom i da je bezbjedno koristiti AnyDesk. Uvjerite se da koristite najnoviju verziju, sa novim certifikatom za potpisivanje k\u00f4da.\u201d<\/em><\/span><\/p>\n<p style=\"text-align: right;\"><span style=\"font-size: 14pt;\"><em>\u00a0<\/em><\/span><span style=\"font-size: 14pt;\"><em>&#8211; AnyDesk &#8211;<\/em><\/span><\/p>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;\">Me\u0111utim, iz opreza, kompanija je opozivala sve lozinke na svom internet portalu i preporu\u010duje korisnicima da promjene svoje lozinke, posebno ako se koriste na drugim lokacijama. Toplo se preporu\u010duje da svi korisnici instaliraju najnoviju verziju softvera (verzija 8.0.8 za <em>Windows<\/em>, drugi binarni fajlovi i dalje koriste stari certifikat), po\u0161to \u0107e stari certifikat za potpisivanje k\u00f4da uskoro biti opozvan.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Kada_se_desio_ovaj_incident\"><\/span><span style=\"font-size: 14pt;\"><strong>Kada se desio ovaj incident?<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">Nikakav vremenski okvir za incident nije naveden u <em>AnyDesk <\/em>objavi. Me\u0111utim, <a href=\"https:\/\/twitter.com\/anydesk\/status\/1752422327109746944\" target=\"_blank\" rel=\"noopener\"><em>AnyDesk<\/em> je najavio<\/a> da \u0107e 30. januara biti podvrgnut 48-satnom periodu odr\u017eavanja na svom<em> X<\/em> (ranije poznatom kao <em>Twitter)<\/em> nalogu.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Da_li_je_ovo_kompromis_lanca_snabdijevanja\"><\/span><span style=\"font-size: 14pt;\"><strong>Da li je ovo kompromis lanca snabdijevanja?<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">Na osnovu ograni\u010denih informacija dostupnih od 2. februara, nema naznaka da je do\u0161lo do incidenta u lancu snabdijevanja. Dok se certifikatima za potpisivanje k\u00f4da <em>\u201cpristupilo\u201d,<\/em> \u010dini se da postoje\u0107i <em>AnyDesk<\/em> binarne datoteke nisu mijenjale koliko je poznato.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZASTITA\"><\/span><span style=\"font-size: 14pt;\"><strong>ZA\u0160TITA<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">Sa 2. februarom, <em>AnyDesk<\/em> je objavio samo jednu novu verziju <em>AnyDesk<\/em> za <em>Windows<\/em> koja uklju\u010duje novi certifikat za potpisivanje k\u00f4da. Korisnicima se preporu\u010duje da instaliraju najnoviju verziju softvera.<\/span><\/p>\n<table width=\"0\">\n<thead>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>AnyDesk<\/em> platforma<\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">Verzija<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">A\u017eurirano<\/span><\/td>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>Windows<\/em><\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">8.0.8<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">29. januar 2024.<\/span><\/td>\n<\/tr>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>macOS<\/em><\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">7.3.0<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">21. novembar 2023.<\/span><\/td>\n<\/tr>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>Android<\/em><\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">7.1.0<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">6. novembar 2023.<\/span><\/td>\n<\/tr>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>iOS<\/em><\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">7.1.0<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">13. decembar 2023.<\/span><\/td>\n<\/tr>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>tvOS<\/em><\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">7.1.0<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">nepoznato<\/span><\/td>\n<\/tr>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>Linux<\/em><\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">6.3.0<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">10. avgust 2023.<\/span><\/td>\n<\/tr>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>FreeBSD<\/em><\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">6.1.0<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">28. januar 2021.<\/span><\/td>\n<\/tr>\n<tr>\n<td width=\"149\"><span style=\"font-size: 14pt;\"><em>Raspberry Pi<\/em><\/span><\/td>\n<td width=\"70\"><span style=\"font-size: 14pt;\">6.3.0<\/span><\/td>\n<td width=\"137\"><span style=\"font-size: 14pt;\">10. avgust 2023.<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><span style=\"font-size: 14pt;\">Nema kona\u010dne potvrde da \u0107e druge verzije <em>AnyDesk<\/em> biti a\u017eurirane novim certifikatima za potpisivanje k\u00f4da, a gore navedene verzije su informativnog karaktera.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>AnyDesk hakovan potvrdila je ova kompanija, govore\u0107i o sajber napadu koji je omogu\u0107io napada\u010dima da dobiju pristup proizvodnim sistemima kompanije. Prema dostupnim informacijama, izvorni k\u00f4d i klju\u010devi za potpisivanje privatnog k\u00f4da su ukradeni tokom&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":6014,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[187,722,326,186,141,144,724,723,143],"class_list":["post-6013","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-android","tag-anydesk","tag-freebsd","tag-ios","tag-linux","tag-macos","tag-raspberry-pi","tag-tvos","tag-windows"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/6013","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=6013"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/6013\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/6014"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=6013"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=6013"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=6013"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}