ȸ¿ø°¡ÀÔ | ID / PASS ã±â
°øÁö»çÇ×
1:1¹®ÀÇ
ÀÚÁÖ¹¯´ÂÁú¹®
ÀÚ·á½Ç
ns1.passway.co.kr
210.118.170.10
ns2.passway.co.kr
210.118.170.15
Home > °í°´¼¾ÅÍ > °øÁö»çÇ×
 
ÀÛ¼ºÀÏ : 17-05-15 11:53
[º¸¾È] WannaCry ·£¼¶¿þ¾î ´ëÀÀ¹æ¹ý ¾È³»
 ±Û¾´ÀÌ : ÃÖ°í°ü¸®ÀÚ
Á¶È¸ : 353,091  

·£¼¶¿þÀÌ °ü·ÃÇÏ¿© MS·ÎºÎÅÍ ´ëÀÀ ¹æ¹ýÀ» Àü´Þ ¹Þ¾Æ °øÀ¯ µå¸®¿À´Ï ¾÷¹«¿¡ Âü°íÇϽñ⠹ٶø´Ï´Ù.

Microsoft º¸¾È ¾÷µ¥ÀÌÆ®°¡ Àû¿ëµÇÁö ¾ÊÀº Ãë¾àÇÑ Windows ½Ã½ºÅÛÀ» °Ü³É ÇÑ ¡®WannaCry(¿ö³ÊÅ©¶óÀÌ) ·£¼¶¿þ¾î¡¯ÀÇ °ø°ÝÀÌ Àü¼¼°èÀûÀ¸·Î ÁøÇàµÇ°í ÀÖ½À´Ï´Ù.

·£¼¶¿þ¾î¶õ ÄÄÇ»ÅÍ »ç¿ëÀÚÀÇ ÆÄÀÏÀ» ÀÎÁú·Î ±ÝÀüÀ» ¿ä±¸ÇÏ´Â ¾Ç¼º ÇÁ·Î±×·¥À¸·Î ¸ö°ªÀ» ¶æÇÏ´Â ·£¼¶(Ransom)°ú ¼ÒÇÁ¿þ¾î(Software)ÀÇ ÇÕ¼º¾îÀÔ´Ï´Ù.

WannaCry ·£¼¶¿þ¾î °¨¿° ½Ã ¹®¼­ ÆÄÀÏ, DBÆÄÀϵîÀ» ¾ÏȣȭÇϸç, ¾ÏÈ£¸¦ Ǫ´Â ´ë°¡·Î ºñÆ® ÄÚÀÎÀ» ¿ä±¸ÇÕ´Ï´Ù.

 

WannaCry ·£¼¶¿þ¾î ´Â Microsoft º¸¾È ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇÏÁö ¾ÊÀº ȯ°æÀÇ Windows Ãë¾àÁ¡À» ¾Ç¿ëÇÑ °ÍÀ¸·Î, 2017³â 3¿ù ¹ßÇ¥µÈ Microsoft º¸¾È ¾÷µ¥ÀÌÆ® [MS17-010 Microsoft Windows SMB ¼­¹ö¿ë º¸¾È ¾÷µ¥ÀÌÆ®(4013389)]¿¡¼­ ÀÌ¹Ì ÀÌ Ãë¾àÁ¡ÀÌ ÇØ°áµÇ¾ú½À´Ï´Ù. MS17-010 º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ëÇÏ¿© °ø°ÝÀ» ¿¹¹æÇÒ ¼ö ÀÖÀ¸¸ç, ¶ÇÇÑ ÇØ´ç ¾÷µ¥ÀÌÆ®°¡ ÀÌ¹Ì Àû¿ëµÈ Windows ½Ã½ºÅÛÀº À̹ø °ø°Ý¿¡¼­ ¾ÈÀüÇÕ´Ï´Ù.

 

¾Æ·¡ÀÇ ´ëÀÀ ¹æ¹ýÀ» Àû¿ëÇÏ¿© À̹ø ·£¼¶¿þ¾î °¨¿°À¸·Î ÀÎÇÑ ÇÇÇØ°¡ ¾øÀ¸½Ã±â¸¦ ¹Ù¶ø´Ï´Ù.

 

 

[WannaCry ·£¼¶¿þ¾î ´ëÀÀ ¹æ¹ý]


* Á¶Ä¡ ¹æ¹ý

¨ç   »ç¿ëÇÏ°í ÀÖ´Â ¹é½Å ¼ÒÇÁÆ®¿þ¾î¸¦ ÃÖ½ÅÀ¸·Î ¾÷µ¥ÀÌÆ®ÇÏ°í ½Ã½ºÅÛÀ» °Ë»çÇÕ´Ï´Ù.

¸¸ÀÏ ¼³Ä¡µÈ ¹é½Å ¼ÒÇÁÆ®¿þ¾î°¡ ¾ø´Ù¸é Microsoft ¹é½Å ¼ÒÇÁÆ®¿þ¾î¸¦ ÀÌ¿ëÇϽʽÿÀ.
Windows Defender
¿Í Microsoft Anti-Malware Á¦Ç°ÀÇ ÃֽŠ¿£Áø ¹öÀü 1.243.290.0 ¿¡¼­ Ransom:Win32/WannaCrypt ·Î ÇØ´ç ¸È¿þ¾î°¡ Â÷´ÜµË´Ï´Ù.

-       >Windows 8.1 ¹× Windows 10 : Windows Defender ÀÌ¿ë

-       >Windows 7, Windows Vista: Microsoft Security Essentials ÀÌ¿ë

-       >Microsoft ¹«·á PCº¸¾È °Ë»ç : Microsoft Safety Scanner ÀÌ¿ë

 

¨è    Windows Update ¶Ç´Â WSUSµîÀ»  ÀÌ¿ëÇÏ¿© ½Ã½ºÅÛÀ» ÃÖ½ÅÀ¸·Î º¸¾È ¾÷µ¥ÀÌÆ® ÇÕ´Ï´Ù.
WU
À» »ç¿ëÇÒ ¼ö ¾ø´Â °æ¿ì, Microsoft º¸¾È ¾÷µ¥ÀÌÆ® MS17-010 ¸¦ ¼öµ¿ ¼³Ä¡ÇÕ´Ï´Ù. OSº° ¼³Ä¡ °æ·Î´Â ¾Æ·¡¿Í °°½À´Ï´Ù.


Microsoft
º¸¾È °øÁö MS17-010 – ±ä±Þ Microsoft Windows SMB ¼­¹ö¿ë º¸¾È ¾÷µ¥ÀÌÆ®(4013389)

https://technet.microsoft.com/ko-kr/library/security/ms17-010.aspx


¨é   º¸¾È ¾÷µ¥ÀÌÆ® MS17-010À» Àû¿ëÇÒ ¼ö ¾ø´Ù¸é, ¡®Microsoft SMBv1 »ç¿ë ¾ÈÇÔ¡¯À¸·Î ¼³Á¤ÇÕ´Ï´Ù.
WannaCry ·£¼¶¿þ¾î´Â Microsoft SMBv1 ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2017-0145) À» ÀÌ¿ëÇÕ´Ï´Ù. ÆÐÄ¡¸¦ ¼³Ä¡ÇÏÁö ¸øÇÏ´Â °æ¿ì SMBv1 »ç¿ëÀ» ÇØÁ¦ÇÏ¿© ÀÌ Ãë¾àÁ¡ ¾Ç¿ëÀ» ÇÇÇÒ ¼ö ÀÖÀ¸³ª °¡´ÉÇÑ ºü¸¥ ½ÃÀϳ»¿¡ ÆÐÄ¡¸¦ Àû¿ëÇÒ °ÍÀ» ±ÇÀåÇÕ´Ï´Ù.


[SMBv1
»ç¿ë ¾È ÇÔ]

Windows Vista ÀÌ»óÀ» ½ÇÇàÇÏ´Â °í°´
Microsoft ±â¼ú ÀÚ·á ¹®¼­ 2696547
À» ÂüÁ¶ÇϽʽÿÀ.


Windows 8.1 ¶Ç´Â Windows Server 2012 R2 ÀÌ»óÀ» ½ÇÇàÇÏ´Â °í°´ÀÇ ´ë¾È ¹æ¹ý
Ŭ¶óÀ̾ðÆ® ¿î¿µ üÁ¦:

1..     >Á¦¾îÆÇÀ» ¿­°í ÇÁ·Î±×·¥À» Ŭ¸¯ÇÑ ÈÄ Windows ±â´É »ç¿ë/»ç¿ë ¾È ÇÔÀ» Ŭ¸¯ÇÕ´Ï´Ù.

2..     >Windows ±â´É â¿¡¼­ SMB1.0/CIFS ÆÄÀÏ °øÀ¯ Áö¿ø È®ÀζõÀÇ ¼±ÅÃÀ» ÇØÁ¦ÇÏ°í È®ÀÎÀ» Ŭ¸¯ÇØ Ã¢À» ´Ý½À´Ï´Ù.

3..     >½Ã½ºÅÛÀ» ´Ù½Ã ½ÃÀÛÇÕ´Ï´Ù


¼­¹ö ¿î¿µ üÁ¦:

4..     >¼­¹ö °ü¸®ÀÚ¸¦ ¿­°í °ü¸® ¸Þ´º¸¦ Ŭ¸¯ÇÑ ÈÄ ¿ªÇÒ ¹× ±â´É Á¦°Å¸¦ ¼±ÅÃÇÕ´Ï´Ù.

5..     >±â´É â¿¡¼­ SMB1.0/CIFS ÆÄÀÏ °øÀ¯ Áö¿ø È®ÀζõÀÇ ¼±ÅÃÀ» ÇØÁ¦ÇÏ°í È®ÀÎÀ» Ŭ¸¯ÇØ Ã¢À» ´Ý½À´Ï´Ù.

6..     >½Ã½ºÅÛÀ» ´Ù½Ã ½ÃÀÛÇÕ´Ï´Ù

ÇØ°á ¹æ¹ýÀÇ ¿µÇâ. ´ë»ó ½Ã½ºÅÛ¿¡¼­ SMBv1 ÇÁ·ÎÅäÄÝÀÌ »ç¿ëµÇÁö ¾Êµµ·Ï ¼³Á¤µË´Ï´Ù.
ÇØ°á ¹æ¹ýÀ» ½ÇÇà Ãë¼ÒÇÏ´Â ¹æ¹ý. ¹®Á¦ ÇØ°á ´Ü°è¸¦ ´Ù½Ã ¼öÇàÇϸ鼭 SMB1.0/CIFS ÆÄÀÏ °øÀ¯ Áö¿ø ±â´ÉÀ» È°¼º »óÅ·Πº¹¿øÇÕ´Ï´Ù.


¨ê    ³×Æ®¿öÅ© ¹æÈ­º® ¹× Windows ¹æÈ­º®À» ÀÌ¿ëÇÏ¿© SMB °ü·Ã Æ÷Æ® Â÷´Ü
- SMB
°ü·Ã Æ÷Æ® : 137(UDP), 138(UDP), 139(TCP), 445(TCP)
 
¡Ø SMB ¼­ºñ½º Æ÷Æ® Â÷´Ü ½Ã °øÀ¯ ¹× ±âŸ °ü·Ã ¼­ºñ½º°¡ ÁßÁöµÉ ¼ö ÀÖÀ¸´Ï Àû¿ë Àü ¹Ýµå½Ã ¿µÇâÀÌ ¾ø´ÂÁö Á¡°ËÇϽŠÈÄ Àû¿ëÇϽñ⠹ٶø´Ï´Ù.


- °ü·Ã ¹®¼­ : KB 3185535 - ƯÁ¤ ¹æÈ­º® Æ÷Æ®¸¦ Â÷´ÜÇÏ¿© SMB Æ®·¡ÇÈÀÌ È¸»ç ȯ°æÀ» ºüÁ®³ª°¡Áö ¸øÇϵµ·Ï Çϱâ À§ÇÑ Áöħ


WannaCry ·£¼¶¿þ¾î °¨¿°Áõ»ó
..WNCRY
ÆÄÀÏÀÌ Ãß°¡µÇ¸ç, ´ÙÀ½°ú °°Àº ÆÄÀÏÀÌ Ç¥½ÃµË´Ï´Ù.
r.wnry , s.wnry, t.wnry , taskdl.exe , taskse.exe , 00000000.eky , 00000000.res , 00000000.pky , @WanaDecryptor@.exe , @Please_Read_Me@.txtm.vbs , @WanaDecryptor@.exe.lnk


Ãß°¡ Á¤º¸

Microsoft Security Response Center Blog,  Customer Guidance for WannaCrypt attacks : https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Microsoft Malware Protection Center Blog, WannaCrypt ransomware worm targets out-of-date systems: https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/ 

Microsoft º¸¾È °øÁö MS17-010 – ±ä±Þ Microsoft Windows SMB ¼­¹ö¿ë º¸¾È ¾÷µ¥ÀÌÆ®(4013389) : https://technet.microsoft.com/ko-kr/library/security/ms17-010.aspx 

CVE-2017-0145 | Windows SMB ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾à¼º : https://portal.msrc.microsoft.com/ko-kr/security-guidance/advisory/CVE-2017-0145


¹®ÀÇ »çÇ×

ÀÌ¿Í °ü·ÃÇÏ¿© ¹®ÀÇ »çÇ×ÀÌ ÀÖÀ¸½Å °æ¿ì ¾Æ·¡·Î ¿¬¶ô ÁֽʽÿÀ.

Microsoft °í°´ Áö¿ø ¼¾ÅÍ : 1577-9700 


 
   
 

»óÈ£: ³ª´®½Ã½ºÅÛ | ´ëÇ¥: ±è±¤µ¿ | »ç¾÷ÀÚµî·Ï¹øÈ£: 775-08-00702 | ´ëÇ¥¹øÈ£: 1544-2373 | Æѽº: 031-811-4047
ÁÖ¼Ò: °æ±âµµ °í¾ç½Ã ´ö¾ç±¸ ÃæÀå·Î 118-30 | Åë½ÅÆǸž÷ ½Å°í¹øÈ£: ¼­¿ï°­³² 0341 | À̸ÞÀÏ : web@passway.co.kr