Daruruwan shafuka suna yada malware da ke niyya macOS

24. 1. 2020

Kaspersky's Mac kayayyakin kariya sun hana kai hari daga dangin Shlayer trojan na malware akan daya cikin na'urori goma a bara. Don haka ya kasance mafi yaɗuwar barazanar ga masu amfani da macOS. Wannan ya samo asali ne saboda hanyar rarrabawa, inda malware ke yadawa ta hanyar hanyar sadarwar abokin tarayya, gidajen yanar gizon nishaɗi ko ma Wikipedia. Wannan yana tabbatar da gaskiyar cewa hatta masu amfani waɗanda ke ziyartar shafukan doka kawai suna buƙatar ƙarin kariya daga barazanar kan layi.

Shigar da gallery

Duk da cewa tsarin aiki na macOS gabaɗaya ana ɗaukarsa ya fi tsaro idan aka kwatanta da sauran, akwai ɗimbin masu aikata laifukan yanar gizo waɗanda har yanzu suke ƙoƙarin yin fashin masu amfani da shi. Shlayer - barazanar macOS mafi yaduwa na 2019, kyakkyawan misali ne na wannan, kamar yadda kididdigar Kaspersky ta tabbatar. Babban makaminsa shine adware – shirye-shiryen da ke tsoratar da masu amfani da tallace-tallacen da ba a nema ba. Hakanan suna iya kamawa da tattara bayanan bincike, a kan abin da suke daidaita sakamakon binciken ta yadda za su iya nuna ƙarin saƙonnin talla.

Rabon Shlayer na barazanar da aka yi niyya ga na'urorin macOS da samfuran Kaspersky ke kariya tsakanin Janairu da Nuwamba 2019 ya kai 29,28%. Kusan duk sauran barazanar da ke cikin manyan barazanar macOS 10 sune adware da Shlayer ya shigar: AdWare.OSX.Bnodlero, AdWare.OSX.Geonei, AdWare.OSX.Pirrit, da AdWare.OSX.Cimpli. Tun lokacin da aka fara gano Shlayer, algorithm ɗin sa da ke da alhakin kamuwa da cuta ya canza kaɗan kaɗan, yayin da aikinsa bai canza ba.

Objekt	Adadin masu amfani da hacked
HEUR:Trojan-Downloader.OSX.Shlayer.a	29.28%
ba-a-virus:HEUR:AdWare.OSX.Bnodlero.q	13.46%
ba-a-virus:HEUR:AdWare.OSX.Spc.a	10.20%
ba-a-virus:HEUR:AdWare.OSX.Pirrit.p	8.29%
ba-a-virus:HEUR:AdWare.OSX.Pirit.j	7.98%
ba-a-virus:AdWare.OSX.Geonei.ap	7.54%
ba-a-virus:HEUR:AdWare.OSX.Geonei.as	7.47%
ba-a-virus:HEUR:AdWare.OSX.Bnodlero.t	6.49%
ba-a-virus:HEUR:AdWare.OSX.Pirrit.o	6.32%
ba-a-virus:HEUR:AdWare.OSX.Bnodlero.x	6.19%

Manyan barazanar 10 da ke niyya da macOS ta hanyar rabon masu amfani da cutar ta amfani da samfuran Kaspersky (Janairu-Nuwamba 2019)

Na'urar tana kamuwa da ƙa'ida ta matakai biyu - na farko mai amfani ya shigar da Shlayer sannan malware ya shigar da zaɓin adware. Koyaya, na'urar tana kamuwa da cuta lokacin da mai amfani ya saukar da mugun shirin ba da gangan ba. Don cimma wannan, maharan sun ƙirƙiri tsarin rarrabawa tare da tashoshi da yawa waɗanda ke yaudarar masu amfani don zazzage malware.

Masu laifi na Intanet suna ba da Shlayer a matsayin hanyar samun monetize da rukunin yanar gizo a cikin shirye-shiryen haɗin gwiwa da yawa tare da babban biyan kuɗi don kowane shigarwa da masu amfani da Amurka suka yi. Dukkanin makircin yana aiki kamar haka: mai amfani yana bincika Intanet don wasan kwaikwayo na jerin talabijin ko wasan ƙwallon ƙafa. Shafin saukar da talla yana tura shi zuwa shafukan sabunta Flash Player na karya. Daga can, wanda aka azabtar yana zazzage malware. Abokin tarayya wanda ke da alhakin rarraba hanyar haɗin yanar gizon malware yana samun lada tare da biyan kuɗin kowane shigarwa da aka sauƙaƙe. A lokuta da yawa, an kuma tura masu amfani zuwa shafukan ƙeta tare da sabunta Adobe Flash na karya daga shafuka kamar YouTube ko Wikipedia. A kan tashar bidiyo, an jera hanyoyin haɗin ƙeta a cikin bayanin bidiyon, a cikin encyclopedia na Intanet, hanyoyin haɗin suna ɓoye a cikin tushen labaran mutum ɗaya.

Kusan duk rukunin yanar gizon da suka haifar da sabunta Flash Player na karya suna da abun ciki cikin Ingilishi. Wannan ya dace da wakilcin ƙasashen da ke da mafi yawan masu amfani da harin: Amurka (31%), Jamus (14%), Faransa (10%) da Birtaniya (10%).

Maganin Kaspersky yana gano Shlayer da abubuwa masu alaƙa kamar:

HEUR:Trojan-Downloader.OSX.Shlayer.*
ba-a-virus:HEUR:AdWare.OSX.Cimpli.*
ba-a-virus:AdWare.Script.SearchExt.*
ba-a-virus:AdWare.Python.CimpliAds.*
ba-a-virus:HEUR:AdWare.Script.MacGenerator.gen

Domin masu amfani da macOS su rage haɗarin harin wannan dangin malware, masana Kaspersky suna ba da shawarar matakan masu zuwa:

Shigar da shirye-shirye kawai da sabuntawa daga amintattun tushe
Nemo ƙarin game da rukunin yanar gizon nishaɗi - menene sunan sa da abin da sauran masu amfani ke faɗi game da shi
Yi amfani da ingantattun hanyoyin tsaro akan na'urorinku

Batutuwa: algorithm, Amurka, YouTube, Suriyawa, talla, serials, shirin, MacOS, video, Mac

Tattaunawar labarin

Sunan ku

Sharhin ku

Ta hanyar cike bayanan da ke sama, na yarda cewa kamfanin TEXT FACTORY s.r.o., ofishin rajista a Brno, Durďákova 336/29, Černá Pole, ZIP code: 613 00, lambar ID: 06157831, rajista a Kotun Yanki a Brno, sashe na C , saka 100399, zai aiwatar da bayanan sirri na da aka bayar a cikin fom ɗin rajista da na cika bisa la'akari da halalcin buƙatun TEXT FACTORY s.r.o. bisa ga Mataki na 6 sakin layi na 1 harafi f) GDPR da kuma cika wajibai na shari'a (Mataki na 6, sakin layi na 1, harafi c) GDPR), don dalilai masu zuwa: wajibcin tabbatar da izinin baƙi zuwa gidajen yanar gizon da TEXT FACTORY s.r.o. ke sarrafa don ba da gudummawa sosai ga labaran da aka buga ko a cikin tattaunawa. forums da aiwatar da haƙƙin TEXT FACTORY s.r.o. a matsayin mai kula da waɗannan wuraren tattaunawa. Ana iya samun ƙarin bayani game da sarrafa bayanan sirri da haƙƙoƙi a ciki Darussan kan kariyar bayanan sirri. dukan rubutun

Gidan hoton hoto

Masu alaƙa