{"id":2049,"date":"2021-02-05T16:15:12","date_gmt":"2021-02-05T20:15:12","guid":{"rendered":"https:\/\/www.uqac.ca\/cybersecurite\/?p=2049"},"modified":"2021-02-05T16:21:36","modified_gmt":"2021-02-05T20:21:36","slug":"la-cybercriminalite-un-savoir-faire-qui-se-developpe","status":"publish","type":"post","link":"https:\/\/www.uqac.ca\/cybersecurite\/la-cybercriminalite-un-savoir-faire-qui-se-developpe\/","title":{"rendered":"Cybercrime: know-how that keeps developing"},"content":{"rendered":"\n<div class=\"wp-block-image\"><figure class=\"alignleft is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.uqac.ca\/cybersecurite\/wp-content\/uploads\/2020\/01\/ransomware-2315203__340.jpg\" alt=\"\" class=\"wp-image-1380\" width=\"314\" height=\"180\"\/><\/figure><\/div>\n\n\n\n<p>From malware to a RaaS (ransomware-as-a-service) platform for cybercriminals: the malware in question, Emotet, has evolved into a service platform that cybercriminals use to deploy other malware. 
Even though it has been shaken today, it instigated the development of a know-how that can be lucrative and that will keep being exploited in future attacks.<br>Its evolution from a Trojan horse in 2014 to an entry point for other criminal groups in 2017 has already caused damage and continues to do so.<\/p>\n\n\n\n<p style=\"background-color:#5a7410\" class=\"has-text-color has-background has-medium-font-size has-very-light-gray-color\">Its main infection vector is email<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>In an attachment<\/li><li>In a download link<\/li><li>Through the enabling of a file's macros<\/li><\/ul>\n\n\n\n<p>Other infection vectors can be compromised websites or text messages.<\/p>\n\n\n\n<p style=\"background-color:#5a7410\" class=\"has-text-color has-background has-medium-font-size has-very-light-gray-color\">What it can do:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Encrypt data (make it unreadable)<\/li><li>Compromise the mailbox (content and contacts)<\/li><li>Steal data<\/li><li>Recover passwords (netpass.exe)<\/li><li>Download other malware<\/li><li>Spread across the local network<\/li><li>Conceal itself<\/li><li>Change its signature, which is what allows detection (polymorphic)<\/li><li>And other evolutions<\/li><\/ul>\n\n\n\n<p style=\"background-color:#5a7410\" class=\"has-text-color has-background has-medium-font-size has-very-light-gray-color\">The criminal group's objective:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Infect your network<\/li><li>Sell the access to other groups<\/li><\/ul>\n\n\n\n<p>For more details about 
EMOTET, <a href=\"https:\/\/www.uqac.ca\/cybersecurite\/wp-content\/uploads\/2021\/02\/LB-EMOTET-CERTFR-2020-CTI-010.pdf\">see CERTFR-2020-CTI-010.pdf (ssi.gouv.fr)<\/a><br>To better understand cybercrimes and protect yourself from them, <a href=\"https:\/\/www.uqac.ca\/cybersecurite\/index.php\/2021\/01\/25\/nouvelles-infographies-pour-bien-comprendre-et-se-proteger\/\">see the infographics<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>From malware to a RaaS (ransomware-as-a-service) platform for cybercriminals: the malware in question, Emotet, has evolved into a service platform that cybercriminals use to deploy other malware. Even though it has been shaken today, it instigated the development of a know-how that can be lucrative and that will keep being exploited in future 
attacks.<\/p>\n","protected":false},"author":4,"featured_media":1380,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[4,3],"tags":[],"class_list":["post-2049","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualite","category-formations-et-conseils"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/posts\/2049","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/comments?post=2049"}],"version-history":[{"count":8,"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/posts\/2049\/revisions"}],"predecessor-version":[{"id":2057,"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/posts\/2049\/revisions\/2057"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/media\/1380"}],"wp:attachment":[{"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/media?parent=2049"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/categories?post=2049"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.uqac.ca\/cybersecurite\/wp-json\/wp\/v2\/tags?post=2049"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}