{"id":21689,"date":"2025-02-03T16:40:58","date_gmt":"2025-02-03T19:40:58","guid":{"rendered":"https:\/\/www.ethicalhacker.com.br\/site\/?p=21689"},"modified":"2025-02-17T12:09:51","modified_gmt":"2025-02-17T15:09:51","slug":"ransomware-hellcat","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2025\/02\/exploits\/ransomware-hellcat\/","title":{"rendered":"HellCat Ransomware"},"content":{"rendered":"\n<p><strong>HellCat Ransomware: Innovative humiliation tactics<\/strong><\/p>\n<p style=\"text-align: justify;\">Cybersecurity is constantly evolving, and cybercriminals are always looking for new ways to exploit vulnerabilities and pressure their victims. A recent and alarming example is the HellCat ransomware gang, which has adopted innovative humiliation tactics to force ransom payments. In a recent attack, HellCat demanded a ransom of US$ 125,000 in &#8220;baguettes&#8221; from Schneider Electric after stealing 40 GB of data.<\/p>\n<p style=\"text-align: justify;\">In the HellCat gang's ransomware attack on Schneider Electric, the cybercriminals used the term <strong>&#8220;baguettes&#8221;<\/strong> in an ironic and humiliating way. Instead of demanding the ransom in cryptocurrency (such as Bitcoin, which is the standard in most ransomware attacks), the gang demanded payment in &#8220;baguettes&#8221;, a long loaf of bread traditional in French cuisine.<\/p>\n<p>This absurd and unusual demand serves two main purposes:<\/p>\n<ul>\n<li>\n<p style=\"text-align: justify;\"><strong>Public ridicule<\/strong>: By demanding a ransom in &#8220;baguettes&#8221;, the gang seeks to ridicule the victim publicly, increasing the embarrassment and the psychological pressure. 
This tactic aims to force the company to pay the ransom in order to avoid mockery and damage to its reputation.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\"><strong>Media coverage<\/strong>: Unusual, eye-catching actions, such as demanding a ransom in bread, are more likely to attract media attention. This amplifies the impact of the attack and increases the gang's notoriety, which may be part of a strategy to intimidate future victims.<\/p>\n<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">In the specific case of Schneider Electric, the demand for &#8220;baguettes&#8221; was clearly symbolic, since the actual ransom payment would probably be made in cryptocurrency or another form of monetary value. The choice of the term &#8220;baguettes&#8221; may be related to the fact that Schneider Electric is a French company, which reinforces the humiliation aimed at the victim's national identity.<\/p>\n<p style=\"text-align: justify;\">This innovative and provocative tactic illustrates how ransomware groups are evolving beyond traditional financial extortion, incorporating elements of humiliation and psychological manipulation into their attacks.<\/p>\n<p style=\"text-align: justify;\">In this article, we explore the tactics used by HellCat, the associated risks, and how you can mitigate those risks using Python scripts to strengthen your organization's security.<\/p>\n<p>\u00a0<\/p>\n<p><strong>HellCat's modus operandi<\/strong><\/p>\n<p style=\"text-align: justify;\">HellCat has stood out for its aggressive and innovative approach in the cybercrime landscape. 
Here are some of the main characteristics of its attacks:<\/p>\n<ul>\n<li>\n<p style=\"text-align: justify;\"><strong>Double extortion<\/strong>: The gang exfiltrates sensitive data before encrypting the victims' systems. This allows it to threaten to leak confidential information if the ransom is not paid.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\"><strong>Vulnerability exploitation<\/strong>: HellCat has exploited flaws in popular enterprise software, such as Jira, to gain initial access to systems.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\"><strong>Public humiliation<\/strong>: In addition to demanding ransoms in cryptocurrency, the gang has adopted humiliation tactics, such as demanding payment in absurd items (such as &#8220;baguettes&#8221;) to ridicule the victims.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\"><strong>Sale of root access<\/strong>: HellCat has offered root access to compromised servers on dark web forums, increasing the risk for companies and institutions.<\/p>\n<\/li>\n<li>\n<p style=\"text-align: justify;\"><strong>Shared infrastructure<\/strong>: Reports indicate that HellCat may be sharing infrastructure with other gangs, such as Morpheus, which suggests a well-organized cybercrime network.<\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><strong>Mitigation measures with Python<\/strong><\/p>\n<p style=\"text-align: justify;\">To counter threats like HellCat, it is essential to adopt a proactive approach to security. 
Below are example Python scripts that can help mitigate the risks associated with ransomware.<\/p>\n<p>\u00a0<\/p>\n<p><strong>1.<\/strong>\u00a0<strong>Monitoring suspicious activity<\/strong><\/p>\n<p style=\"text-align: justify;\">One of the first steps in detecting a ransomware attack is to monitor suspicious activity, such as unauthorized access or data exfiltration attempts. The script below monitors changes to sensitive files and sends alerts when something unusual is detected.<\/p>\n<p>\u00a0<\/p>\n<div class=\"md-code-block\">\n<pre><strong><span class=\"token keyword\">import<\/span> os\n<span class=\"token keyword\">import<\/span> hashlib\n<span class=\"token keyword\">import<\/span> time\n\n<span class=\"token comment\"># List of sensitive files to monitor<\/span>\nsensitive_files <span class=\"token operator\">=<\/span> <span class=\"token punctuation\">[<\/span><span class=\"token string\">\"\/var\/www\/html\/data.csv\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"\/etc\/passwd\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"\/home\/user\/secret.txt\"<\/span><span class=\"token punctuation\">]<\/span>\n\n<span class=\"token comment\"># Function to compute the hash of a file (SHA-256, since MD5 is not collision-resistant)<\/span>\n<span class=\"token keyword\">def<\/span> <span class=\"token function\">calculate_hash<\/span><span class=\"token punctuation\">(<\/span>file_path<span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n    hasher <span class=\"token operator\">=<\/span> hashlib<span class=\"token punctuation\">.<\/span>sha256<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">with<\/span> <span class=\"token builtin\">open<\/span><span class=\"token punctuation\">(<\/span>file_path<span class=\"token 
punctuation\">,<\/span> <span class=\"token string\">\"rb\"<\/span><span class=\"token punctuation\">)<\/span> <span class=\"token keyword\">as<\/span> f<span class=\"token punctuation\">:<\/span>\n        buf <span class=\"token operator\">=<\/span> f<span class=\"token punctuation\">.<\/span>read<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span>\n        hasher<span class=\"token punctuation\">.<\/span>update<span class=\"token punctuation\">(<\/span>buf<span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">return<\/span> hasher<span class=\"token punctuation\">.<\/span>hexdigest<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span>\n\n<span class=\"token comment\"># Dictionary that stores the original hashes<\/span>\noriginal_hashes <span class=\"token operator\">=<\/span> <span class=\"token punctuation\">{<\/span><span class=\"token builtin\">file<\/span><span class=\"token punctuation\">:<\/span> calculate_hash<span class=\"token punctuation\">(<\/span><span class=\"token builtin\">file<\/span><span class=\"token punctuation\">)<\/span> <span class=\"token keyword\">for<\/span> <span class=\"token builtin\">file<\/span> <span class=\"token keyword\">in<\/span> sensitive_files<span class=\"token punctuation\">}<\/span>\n\n<span class=\"token comment\"># Continuous monitoring<\/span>\n<span class=\"token keyword\">while<\/span> <span class=\"token boolean\">True<\/span><span class=\"token punctuation\">:<\/span>\n    time<span class=\"token punctuation\">.<\/span>sleep<span class=\"token punctuation\">(<\/span><span class=\"token number\">60<\/span><span class=\"token punctuation\">)<\/span>  <span class=\"token comment\"># Check every minute<\/span>\n    <span class=\"token keyword\">for<\/span> <span class=\"token builtin\">file<\/span> <span class=\"token keyword\">in<\/span> sensitive_files<span class=\"token punctuation\">:<\/span>\n        
<span class=\"token keyword\">try<\/span><span class=\"token punctuation\">:<\/span>\n            current_hash <span class=\"token operator\">=<\/span> calculate_hash<span class=\"token punctuation\">(<\/span><span class=\"token builtin\">file<\/span><span class=\"token punctuation\">)<\/span>\n        <span class=\"token keyword\">except<\/span> OSError<span class=\"token punctuation\">:<\/span>\n            current_hash <span class=\"token operator\">=<\/span> <span class=\"token boolean\">None<\/span>  <span class=\"token comment\"># File removed, renamed or unreadable: report it as a change<\/span>\n        <span class=\"token keyword\">if<\/span> current_hash <span class=\"token operator\">!=<\/span> original_hashes<span class=\"token punctuation\">[<\/span><span class=\"token builtin\">file<\/span><span class=\"token punctuation\">]<\/span><span class=\"token punctuation\">:<\/span>\n            <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"ALERTA: O arquivo <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span><span class=\"token builtin\">file<\/span><span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\"> foi alterado!\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n            <span class=\"token comment\"># Send an alert by e-mail or another form of notification<\/span><\/strong><\/pre>\n<p><strong>2.<\/strong>\u00a0<strong>Detecting data exfiltration attempts<\/strong><\/p>\n<p style=\"text-align: justify;\">Data exfiltration is a common tactic in ransomware attacks. 
The script below monitors network traffic for large volumes of data being sent to external IP addresses.<\/p>\n<\/div>\n<p>\u00a0<\/p>\n<pre><strong><span class=\"token keyword\">import<\/span> psutil\n<span class=\"token keyword\">import<\/span> socket\n<span class=\"token keyword\">import<\/span> time\n\n<span class=\"token comment\"># Outbound traffic limit per check interval (in MB)<\/span>\nTRAFFIC_THRESHOLD <span class=\"token operator\">=<\/span> <span class=\"token number\">100<\/span>  <span class=\"token comment\"># 100 MB<\/span>\n\n<span class=\"token comment\"># psutil reports bytes sent as one system-wide total since boot,<\/span>\n<span class=\"token comment\"># so keep the previous reading and measure the growth between checks<\/span>\nlast_sent_bytes <span class=\"token operator\">=<\/span> psutil<span class=\"token punctuation\">.<\/span>net_io_counters<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">.<\/span>bytes_sent\n\n<span class=\"token comment\"># Function to monitor network traffic<\/span>\n<span class=\"token keyword\">def<\/span> <span class=\"token function\">monitor_traffic<\/span><span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n    <span class=\"token keyword\">global<\/span> last_sent_bytes\n    total_sent <span class=\"token operator\">=<\/span> psutil<span class=\"token punctuation\">.<\/span>net_io_counters<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">.<\/span>bytes_sent\n    sent_bytes <span class=\"token operator\">=<\/span> total_sent <span class=\"token operator\">-<\/span> last_sent_bytes  <span class=\"token comment\"># Bytes sent since the previous check<\/span>\n    last_sent_bytes <span class=\"token operator\">=<\/span> total_sent\n    <span class=\"token keyword\">if<\/span> sent_bytes <span class=\"token operator\">&gt;<\/span> TRAFFIC_THRESHOLD <span class=\"token operator\">*<\/span> <span class=\"token number\">1024<\/span> <span class=\"token operator\">*<\/span> <span class=\"token number\">1024<\/span><span class=\"token punctuation\">:<\/span>  <span class=\"token comment\"># Convert MB to bytes<\/span>\n        <span class=\"token comment\"># The counter is not per connection, so each remote endpoint that is<\/span>\n        <span class=\"token comment\"># currently connected is listed as a candidate to investigate<\/span>\n        connections <span class=\"token operator\">=<\/span> psutil<span class=\"token punctuation\">.<\/span>net_connections<span class=\"token punctuation\">(<\/span>kind<span class=\"token operator\">=<\/span><span class=\"token string\">'inet'<\/span><span class=\"token punctuation\">)<\/span>\n        <span class=\"token keyword\">for<\/span> conn <span class=\"token keyword\">in<\/span> connections<span class=\"token punctuation\">:<\/span>\n            <span class=\"token keyword\">if<\/span> conn<span class=\"token punctuation\">.<\/span>status <span class=\"token operator\">==<\/span> <span class=\"token string\">'ESTABLISHED'<\/span> <span class=\"token keyword\">and<\/span> conn<span class=\"token punctuation\">.<\/span>raddr<span class=\"token punctuation\">:<\/span>\n                ip<span class=\"token punctuation\">,<\/span> port <span class=\"token operator\">=<\/span> conn<span class=\"token punctuation\">.<\/span>raddr\n                <span class=\"token keyword\">if<\/span> ip <span class=\"token operator\">!=<\/span> <span class=\"token string\">\"127.0.0.1\"<\/span><span class=\"token punctuation\">:<\/span>  <span class=\"token comment\"># Ignore local traffic<\/span>\n                    <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"ALERTA: Grande volume de dados enviado para <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>ip<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">:<\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>port<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n                    <span class=\"token comment\"># Block the IP or take other mitigation measures<\/span>\n\n<span class=\"token comment\"># Continuous monitoring<\/span>\n<span class=\"token keyword\">while<\/span> <span class=\"token boolean\">True<\/span><span class=\"token punctuation\">:<\/span>\n    monitor_traffic<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span>\n    time<span class=\"token punctuation\">.<\/span>sleep<span class=\"token punctuation\">(<\/span><span class=\"token number\">60<\/span><span class=\"token punctuation\">)<\/span>  <span 
class=\"token comment\"># Check every minute<\/span><\/strong><\/pre>\n<p>\u00a0<\/p>\n<p><strong>3.<\/strong>\u00a0<strong>Automated data backup<\/strong><\/p>\n<p style=\"text-align: justify;\">Keeping regular backups is one of the best defenses against ransomware. The script below automates the backup of critical directories.<\/p>\n<pre><strong><span class=\"token keyword\">import<\/span> shutil\n<span class=\"token keyword\">import<\/span> datetime\n<span class=\"token keyword\">import<\/span> os\n<span class=\"token keyword\">import<\/span> time\n\n<span class=\"token comment\"># Directories to back up<\/span>\ndirectories_to_backup <span class=\"token operator\">=<\/span> <span class=\"token punctuation\">[<\/span><span class=\"token string\">\"\/var\/www\/html\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"\/home\/user\/documents\"<\/span><span class=\"token punctuation\">]<\/span>\n\n<span class=\"token comment\"># Backup storage location; ransomware that reaches this host can encrypt it too,<\/span>\n<span class=\"token comment\"># so also keep an offline or immutable copy<\/span>\nbackup_dir <span class=\"token operator\">=<\/span> <span class=\"token string\">\"\/backup\"<\/span>\n\n<span class=\"token comment\"># Function to create a backup<\/span>\n<span class=\"token keyword\">def<\/span> <span class=\"token function\">create_backup<\/span><span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n    timestamp <span class=\"token operator\">=<\/span> datetime<span class=\"token punctuation\">.<\/span>datetime<span class=\"token punctuation\">.<\/span>now<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">.<\/span>strftime<span class=\"token punctuation\">(<\/span><span class=\"token string\">\"%Y%m%d%H%M%S\"<\/span><span class=\"token 
punctuation\">)<\/span>\n    backup_path <span class=\"token operator\">=<\/span> os<span class=\"token punctuation\">.<\/span>path<span class=\"token punctuation\">.<\/span>join<span class=\"token punctuation\">(<\/span>backup_dir<span class=\"token punctuation\">,<\/span> <span class=\"token string-interpolation\"><span class=\"token string\">f\"backup_<\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>timestamp<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n    os<span class=\"token punctuation\">.<\/span>makedirs<span class=\"token punctuation\">(<\/span>backup_path<span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">for<\/span> directory <span class=\"token keyword\">in<\/span> directories_to_backup<span class=\"token punctuation\">:<\/span>\n        shutil<span class=\"token punctuation\">.<\/span>copytree<span class=\"token punctuation\">(<\/span>directory<span class=\"token punctuation\">,<\/span> os<span class=\"token punctuation\">.<\/span>path<span class=\"token punctuation\">.<\/span>join<span class=\"token punctuation\">(<\/span>backup_path<span class=\"token punctuation\">,<\/span> os<span class=\"token punctuation\">.<\/span>path<span class=\"token punctuation\">.<\/span>basename<span class=\"token punctuation\">(<\/span>directory<span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"Backup criado em <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>backup_path<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n\n<span class=\"token 
comment\"># Run the backup daily<\/span>\n<span class=\"token keyword\">while<\/span> <span class=\"token boolean\">True<\/span><span class=\"token punctuation\">:<\/span>\n    create_backup<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span>\n    time<span class=\"token punctuation\">.<\/span>sleep<span class=\"token punctuation\">(<\/span><span class=\"token number\">86400<\/span><span class=\"token punctuation\">)<\/span>  <span class=\"token comment\"># Wait 24 hours<\/span><\/strong><\/pre>\n<p>\u00a0<\/p>\n<p><strong>4.<\/strong>\u00a0<strong>Detecting software vulnerabilities<\/strong><\/p>\n<p style=\"text-align: justify;\">HellCat exploits vulnerabilities in software such as Jira. The script below checks whether updates are available for installed packages, helping to ensure that systems are always up to date.<\/p>\n<p>\u00a0<\/p>\n<pre><strong><span class=\"token keyword\">import<\/span> os\n<span class=\"token keyword\">import<\/span> subprocess\n<span class=\"token keyword\">import<\/span> time\n\n<span class=\"token comment\"># Function to check for updates<\/span>\n<span class=\"token keyword\">def<\/span> <span class=\"token function\">check_for_updates<\/span><span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">:<\/span>\n    <span class=\"token keyword\">try<\/span><span class=\"token punctuation\">:<\/span>\n        subprocess<span class=\"token punctuation\">.<\/span>run<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">[<\/span><span class=\"token string\">\"apt-get\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"update\"<\/span><span class=\"token punctuation\">]<\/span><span class=\"token punctuation\">,<\/span> check<span class=\"token operator\">=<\/span><span class=\"token 
boolean\">True<\/span><span class=\"token punctuation\">)<\/span>\n        outdated_packages <span class=\"token operator\">=<\/span> subprocess<span class=\"token punctuation\">.<\/span>run<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">[<\/span><span class=\"token string\">\"apt-get\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"upgrade\"<\/span><span class=\"token punctuation\">,<\/span> <span class=\"token string\">\"-s\"<\/span><span class=\"token punctuation\">]<\/span><span class=\"token punctuation\">,<\/span> capture_output<span class=\"token operator\">=<\/span><span class=\"token boolean\">True<\/span><span class=\"token punctuation\">,<\/span> text<span class=\"token operator\">=<\/span><span class=\"token boolean\">True<\/span><span class=\"token punctuation\">)<\/span>\n        <span class=\"token comment\"># The simulated run prints one line starting with \"Inst\" per pending upgrade;<\/span>\n        <span class=\"token comment\"># its summary line contains \"upgraded\" even when nothing is pending<\/span>\n        pending <span class=\"token operator\">=<\/span> <span class=\"token punctuation\">[<\/span>line <span class=\"token keyword\">for<\/span> line <span class=\"token keyword\">in<\/span> outdated_packages<span class=\"token punctuation\">.<\/span>stdout<span class=\"token punctuation\">.<\/span>splitlines<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span> <span class=\"token keyword\">if<\/span> line<span class=\"token punctuation\">.<\/span>startswith<span class=\"token punctuation\">(<\/span><span class=\"token string\">\"Inst \"<\/span><span class=\"token punctuation\">)<\/span><span class=\"token punctuation\">]<\/span>\n        <span class=\"token keyword\">if<\/span> pending<span class=\"token punctuation\">:<\/span>\n            <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string\">\"Atualiza\u00e7\u00f5es dispon\u00edveis:\"<\/span><span class=\"token punctuation\">)<\/span>\n            <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span>outdated_packages<span class=\"token punctuation\">.<\/span>stdout<span class=\"token punctuation\">)<\/span>\n        <span class=\"token keyword\">else<\/span><span class=\"token punctuation\">:<\/span>\n            <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string\">\"Todos os pacotes est\u00e3o atualizados.\"<\/span><span class=\"token punctuation\">)<\/span>\n    <span class=\"token keyword\">except<\/span> subprocess<span class=\"token 
punctuation\">.<\/span>CalledProcessError <span class=\"token keyword\">as<\/span> e<span class=\"token punctuation\">:<\/span>\n        <span class=\"token keyword\">print<\/span><span class=\"token punctuation\">(<\/span><span class=\"token string-interpolation\"><span class=\"token string\">f\"Erro ao verificar atualiza\u00e7\u00f5es: <\/span><span class=\"token interpolation\"><span class=\"token punctuation\">{<\/span>e<span class=\"token punctuation\">}<\/span><\/span><span class=\"token string\">\"<\/span><\/span><span class=\"token punctuation\">)<\/span>\n\n<span class=\"token comment\"># Check for updates daily<\/span>\n<span class=\"token keyword\">while<\/span> <span class=\"token boolean\">True<\/span><span class=\"token punctuation\">:<\/span>\n    check_for_updates<span class=\"token punctuation\">(<\/span><span class=\"token punctuation\">)<\/span>\n    time<span class=\"token punctuation\">.<\/span>sleep<span class=\"token punctuation\">(<\/span><span class=\"token number\">86400<\/span><span class=\"token punctuation\">)<\/span>  <span class=\"token comment\"># Wait 24 hours<\/span><\/strong><\/pre>\n<div class=\"md-code-block\">\n<p>\u00a0<\/p>\n<p><strong>Conclusion<\/strong><\/p>\n<p style=\"text-align: justify;\">The HellCat ransomware gang represents a new phase in cybercrime, with tactics that combine financial extortion and public humiliation. To protect against these threats, it is essential to adopt a proactive approach to security, including monitoring of suspicious activity, detection of data exfiltration, regular backups and software updates.<\/p>\n<p style=\"text-align: justify;\">The Python scripts presented in this article are practical examples of how you can strengthen your organization's security. 
However, it is important to remember that cybersecurity is an ongoing process, and additional measures, such as employee training and the deployment of advanced firewalls, are also essential.<\/p>\n<p style=\"text-align: justify;\">Stay vigilant and up to date, because the threat landscape is always evolving. Prevention is the best defense against ransomware and other cyber threats.<\/p>\n<\/div>\n<p>\u00a0<\/p>\n<p>Source and images: <a href=\"https:\/\/www.cisoadvisor.com.br\/ransomware-exige-resgate-de-us-125-mil-em-baguetes\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.cisoadvisor.com.br\/ransomware-exige-resgate-de-us-125-mil-em-baguetes\/<\/a><\/p>\n\n\n","protected":false},"excerpt":{"rendered":"<p>HellCat Ransomware: Innovative humiliation tactics Cybersecurity is constantly evolving, and cybercriminals are always looking for new ways to exploit vulnerabilities and pressure their victims. A recent and alarming example is the HellCat ransomware gang, which has adopted innovative humiliation tactics to force ransom payments. 
In a [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":21690,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[89,100,21,105],"tags":[],"class_list":["post-21689","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-basico","category-diversos","category-exploits","category-noticias"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/21689","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=21689"}],"version-history":[{"count":49,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/21689\/revisions"}],"predecessor-version":[{"id":21740,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/21689\/revisions\/21740"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/21690"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=21689"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=21689"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=21689"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}