Wata zamba ta sanya jama'ar cryptocurrency da masu amfani da fasaha cikin faɗakarwa, bayan wani boye malware a cikin Microsoft Office. Wannan barazanar, wanda kwararrun masana harkar tsaro suka gano kwanan nan, an ce ta canza kanta a matsayin halaltaccen kayan aiki a kan manyan hanyoyin saukarwa, da neman satar kudaden dijital ba tare da sanin wadanda abin ya shafa ba.
Zamba ya ƙunshi yin amfani da fakitin ƙarar Microsoft Office na karya da aka buga akan tashar SourceForge., sanannen dandamalin tallan kayan masarufi. Waɗannan fayilolin, yayin da aka gabatar da su a matsayin marasa lahani kuma masu amfani, sun ƙunshi malware da ake yiwa lakabi da ClipBanker, wanda ya ƙware wajen satar adiresoshin cryptocurrency da masu amfani suka kwafi don tura kuɗi zuwa jakunkunan maharan.
ClipBanker: Malware Boye a cikin Microsoft Office
ClipBanker baya aiki a bayyane ga mai amfani, amma yana jiran mai amfani ya kwafi adireshin walat., al'adar gama gari lokacin yin aiki cryptoasset canja wurin. Maimakon kiyaye wannan adireshin, malware ɗin yana maye gurbinsa da wani wanda ke ƙarƙashin ikon maharin, ta haka yana karkatar da kuɗin ba tare da tada zargin nan take ba.
Kamfanin tsaro na Kaspersky na daya daga cikin wadanda suka fara gudanar da bincike tare da fadakar da su game da wannan harin., yana nuna cewa sunan kunshin yaudarar da aka yi amfani da shi a wasu lokuta shine "package office". Ko da yake ya haɗa da abubuwan da suka bayyana suna da inganci, ainihin manufarsa ita ce ta lalata tsarin masu amfani.
Injiniyan zamantakewa da dabarun gujewa ci gaba
Ɗaya daga cikin dabarun da masu laifi ke amfani da su don ba da gaskiya ga fayil ɗin ɓarna shine ƙirƙirar shafin zazzagewa mai kama da shafukan hukuma.. Yana nuna sunayen shahararrun kayan aikin da maɓallan shigarwa waɗanda ke kwaikwayi halaltattun matakai, ƙara yuwuwar masu amfani za su faɗa cikin tarko.
Baya ga maye gurbin adireshi na walat, malware yana tattara bayanai daga tsarin da ya kamu da cutar., gami da adiresoshin IP, wurin yanki, da sunan mai amfani. Ana isar da wannan bayanin ga masu gudanar da kwayar cutar ta hanyar dandali na aika saƙon Telegram, yana bawa maharan damar kula da nesa na na'urar ko ma kasuwanci zuwa wasu kamfanoni.
Bayanan fasaha suna haifar da tuhuma game da wannan malware da aka ɓoye a cikin Microsoft Office
Ɗayan bayyanannen alamun cewa wani abu ba daidai ba shine girman fayilolin da aka sauke.. A cewar Kaspersky, yawancin aikace-aikacen ƙeta suna da ƙanƙanta da ba a saba gani ba, wanda ba sabon abu bane ga software na Microsoft Office, koda lokacin da aka matsa. Sauran fakiti, a daya bangaren, an lullube su da bayanai marasa ma'ana don ba da bayyanar ingantaccen tsari.
An tsara malware tare da ikon guje wa ganowa. Kuna iya bincika yanayin na'urar don ganin ko tana nan ko kuma kayan aikin riga-kafi na iya gane ta. Idan ta gano daya daga cikin wadannan abubuwa, tana da karfin rugujewa da kanta, wanda hakan ya sa masana ke da wuya su iya tantance shi daga baya.
Masu amfani da manufa? Galibi yana magana da Rashanci
Babban ɓangaren cututtukan da ke ya zuwa yanzu sun faru a Rasha.. Rahoton na Kaspersky ya yi kiyasin cewa kusan kashi 90 cikin 4.600 na wadanda wannan makirci ya yaudare su sun fito ne daga kasar. An kiyasta cewa fiye da masu amfani da su XNUMX ne suka fada cikin wannan badakala tsakanin watan Janairu zuwa Maris na wannan shekara.
Harshen mu'amalar da maharan ke amfani da shi shima cikin Rashanci ne, wanda ke nuna cewa wannan masu sauraro shine farkon abin da ake hari.. Duk da haka, tun da ana iya rarraba software a duniya ta hanyar Intanet, ba a yanke shawarar cewa za a iya shafan wasu ƙasashe a cikin watanni masu zuwa ba.
Shawarwari don guje wa faɗawa tarkon wannan malware da ke ɓoye a cikin Microsoft Office
Zazzage software daga tushen hukuma kawai shine ma'auni mafi inganci don rage haɗarin kamuwa da cuta.. Kaspersky yayi kashedin game da amfani da shirye-shiryen satar fasaha ko madadin rukunin yanar gizo, waɗanda galibi suna da ƙarancin kulawar inganci da buƙatun tabbatarwa.
Masu laifi suna ci gaba da sabunta dabarun su don ƙaddamar da shirye-shiryen su a matsayin ingantacce.. Yin amfani da mashahuran dandamali da ƙirar hanyoyin mu'amala masu ban sha'awa suna sa masu amfani da ƙarancin gogewa musamman masu rauni.
Barazana mai girma fiye da Office
Irin wannan malware ba wani keɓantacce ba ne.. Sauran kamfanoni a fannin, irin su Threat Fabric, sun kuma bayar da rahoton bullar sabbin bambance-bambancen da ke shafar masu amfani da Android. Ɗaya daga cikin hanyoyin da aka gano ya haɗa da nuna allon karya na neman jumlar nau'in walat, ba da damar maharin ya mallaki cikakken ikon sarrafa kuɗin dijital na wanda aka azabtar.
Ci gaba da yawaitar hare-hare ya nuna cewa masu aikata laifuka ba kawai neman riba ba ne kawai. Har ila yau, a shirye suke su sayar da sarrafa kayan aiki ga wasu kamfanoni ko kuma sake gina abubuwan da aka lalata don sababbin kamfen na aikata laifuka.
Da m dabarun na ɓoye malware a cikin abin da ya zama halaltattun kayan aikin Microsoft Office yana nuna yadda masu amfani za su iya zama masu rauni lokacin da suka dogara da tushen da ba na hukuma ba. Waɗannan hare-haren, da farko suna niyya cryptocurrencies, suna cin gajiyar rashin ilimin fasaha na masu amfani da intanet da neman gajerun hanyoyi.
Yana da kyau koyaushe a bincika tushen software kafin shigar da shi kuma kar a amince da shafuka ko hanyoyin haɗin yanar gizo. Raba wannan bayanin don ƙarin masu amfani su san sabbin abubuwa da hatsarori na wannan malware da ke ɓoye a cikin Microsoft Office.