Chenjerera kune izvi zvakashata zvinowedzera muVSCode

9 yakawedzera yakaipa yakawanikwa muVSCode Musika
Iyo malware inoisa XMRig cryptominer inochera kumashure.
Iwo mawedzero airatidza kuve maturusi ekusimudzira ari pamutemo
Microsoft haisati yabvisa zvese zvinokuvadza zvinowedzera

Visual Studio Code, kana kungoti VSCode, yave imwe yezvishandiso zvinofarirwa nevagadziri pasirese. Hurukuro hwayo uye mukana wekuwedzera mashandiro kuburikidza nekuwedzera kunoita kuti iwedzere kutaridzika.. Asi chaizvo kuvhurika uku kwave gedhi rekutyisidzira kwecyber kuri kutora mukana wekuvimba kwevashandisi.

Mumazuva mashoma apfuura, zvimwe zvinhu zvabuda pachena: Zvipfumbamwe zvekuwedzera mune yepamutemo VSCode Musika inovanza yakaipa kodhi. Kunyange zvichiratidzika sezvishandiso zviri pamutemo zvine chinangwa chekuvandudza ruzivo rwebudiriro, muchokwadi Ivo vanokanganisa masisitimu ne cryptomining software yakagadzirirwa kubiridzira zviwanikwa zvekombuta.. Kuwanikwa uku kwasimudza kushushikana pakati pevagadziri venharaunda uye kunosimbisa kukosha kwekutarisisa kwakasimba kweaya marudzi emapuratifomu.

Yakakanganisa mawedzero muVSCode Musika

Kuwanikwa uku kwakaitwa naYuval Ronen, muongorori paExtensionTotal papuratifomu, akaona kuti nhevedzano yekuwedzera inowanikwa paMicrosoft portal yeVSCode. Vakaita kodhi yakavanzika mushure mekuiswa. Iyi kodhi yakabvumira kuitwa kweiyo PowerShell script yakadhawunirodha uye yakaiswa kumashure iyo XMRig cryptominer, yakashandiswa zvisiri pamutemo cryptocurrency migodhi mabasa akadai Monero uye Ethereum.

Iyo Mapakeji akabatwa akaburitswa muna Kubvumbi 4, 2025, uye dzaive dzatovepo kuti dziiswe nemushandisi chero pasina zvirambidzo. The extensions Ivo vakaunzwa sezvishandiso zvinobatsira, zvimwe zvine chekuita nevagadziri vemitauro uye vamwe kune hungwaru hwekugadzira kana zvigadzirwa zvekuvandudza.. Pazasi pane runyorwa ruzere rwezvakashumwa edzedzero:

Discord Rich Presence yeVSCode - naMark H
Tsvuku - Roblox Studio Sync - na evaera
Solidity Compiler - neVSCode Developer
Claude AI - naMark H
Golang Compiler - naMark H
ChatGPT Mumiriri weVSCode - naMark H
HTML Obfuscator - naMark H
Python Obfuscator - naMark H
Rust Compiler yeVSCode - naMark H

Exclusive content - Click Here Nzira yekubvisa hutachiona kubva pafoni yako?

Zvinofanira kucherechedzwa kuti mamwe ekuwedzera aya yakanga ine mazinga akakwirira zvinoshamisa; Semuyenzaniso, "Discord Rich Presence" yakaratidza pamusoro pe189.000 kuiswa, nepo "Rojo - Roblox Studio Sync" yaive inosvika zviuru zana nemakumi manomwe nenomwe. Nyanzvi dzakawanda dzecybersecurity dzakaratidza izvozvo Huwandu uhu hunogona kunge hwakakwidziridzwa kuti huve nemukurumbira. uye kukwezva vashandisi vasingafungiri.

Kubva panguva yekuburitswa kweruzhinji, Mawedzero acho akaramba achiwanikwa muMusika, izvo zvakakonzera kushoropodzwa kweMicrosoft nekushaikwa kwayo kwemhinduro yekukurumidza kune yambiro yekuchengetedza. Icho chokwadi chekuti izvi zvaive zvimisikidzo kubva kune yepamutemo sosi inoita kuti dambudziko rinyanye kutetepa.

Mashandiro anoita kurwisa: matekiniki anoshandiswa neawedzero yakaipa

Chirwere chetachiona chinotanga pakarepo mushure mokunge kuwedzerwa kwaiswa. Panguva iyoyo, PowerShell script inoitwa iyo inotorwa kubva kukero yekunze: https://asdfqq(.)xyz. Manyoro aya anobva aita basa rekuita zvakati wandei zviito zvinobvumira mucheri kuti agare mukati mekombuta yabatwa.

Exclusive content - Click Here Maitiro Ekuziva Kana Mumwe Munhu Ari Kuba Indaneti Yangu

Chimwe chezvinhu zvekutanga izvo script inoita isa iyo chaiyo yekuwedzera iyo yakashata yaiedza kutevedzera. Izvi zvinoitirwa kudzivirira kufungira kune mushandisi anogona kuona chero musiyano mukushanda. Zvichakadaro, kodeti inoramba ichimhanya kumashure kudzima matanho ekudzivirira uye kugadzira nzira yekuti crypto miner ishande isingaonekwe.

Pakati pezviito zvinonyanya kuzivikanwa zve script ndezvi:

Kugadzira mabasa akarongwa yakavanzika nemazita ari pamutemo se "OnedriveStartup".
Kuiswa kwemirairo yakaipa mu registro del sistema operativo, kuve nechokwadi chekuenderera kwayo mukati mekutangazve.
Deactivation of basic security services, kusanganisira Windows Update uye Windows Medic.
Kuiswa kwedhairekitori remugodhi mu Windows Defender kusarudzika runyorwa.

Uyezve, kana kurwisa kwacho kuchitadza kubudirira kodzero dzemutariri Panguva yekumhanya, inoshandisa nzira inozivikanwa se "DLL hijacking" kuburikidza nekunyepedzera MLANG.dll faira. Iri zano rinobvumira bhinari yakaipa kuti iitwe nekutevedzera zviri pamutemo sisitimu inoitwa seComputerDefaults.exe, ichipa iyo inodiwa mvumo yekupedza kuisirwa mugodhi.

Kana iyo system yakanganiswa, a silent mining operation yecryptocurrencies inoshandisa CPU zviwanikwa pasina mushandisi kuzviona zviri nyore. Zvakasimbiswa kuti sevha iri kure inobatawo madhairekitori akadai se “/npm/,” zvichimutsa fungidziro yekuti mushandirapamwe uyu unogona kuwedzera kune mamwe maportals akaita seNPM. Kunyangwe, kusvika ikozvino, hapana humbowo hwechokwadi hwakawanikwa pachikuva ichocho.

Zvekuita kana iwe waisa chero yeaya ekuwedzera

Kana iwe, kana mumwe munhu kuchikwata chako, akaisa chero anofungidzirwa ekuwedzera, Chinonyanya kukosha kuvabvisa munzvimbo yebasa. Kungovabvisa kubva mupepeti hakuna kukwana, sezvo zviito zvakawanda zvinoitwa nescript zvinoramba zvichiramba kunyange mushure mekubvisa kuwedzera.

Exclusive content - Click Here Nzira yekudzivirira sei account yako kubva pakubira?

Zvakanakisisa kutevera matanho aya:

Dzima nemaoko mabasa akarongwa se "OnedriveStartup".
Delete kufungidzira mapinda mu Registry yeWindows zvinoenderana nemalware.
Ongorora uye chenesa madhairekitori akabatwa, kunyanya avo vakawedzerwa kune rondedzero yekusabatanidzwa.
Ita a full scan ine yakagadziridzwa antivirus maturusi uye funga kushandisa mhinduro dzepamusoro dzinoona maitiro asina kunaka.

Uye pamusoro pezvose, ita nekukurumidza: kunyangwe kukuvadzwa kukuru kuri kushandiswa kusingatenderwi kwezviwanikwa zvehurongwa (kushandiswa kwakanyanya, kunonoka, kupisa, nezvimwewo). Hazvirambidzwe kuti vanorwisa vanogona kunge vakavhura mamwe magonhi ekumashure..

Ichi chikamu chakaratidza kuti zviri nyore sei kushandisa kuvimba munzvimbo dzebudiriro, kunyangwe pamapuratifomu akamiswa seVSCode Marketplace yepamutemo. Naizvozvo, vashandisi vanorayirwa kuti Nyatsotarisa kwakabva chero kuwedzerwa usati waiisa, isa pamberi avo vane yakasimbiswa mushandisi base uye dzivirira mapakeji matsva kubva kune vasingazivikanwe madhizaini. Kuwanda kwerudzi urwu rwemishandirapamwe yakaipa kunoratidza chokwadi chinoshungurudza: nharaunda dzebudiriro, dzaimboonekwa dzakachengeteka nekusarudzika, Vanogona zvakare kuve kurwisa mavector kana kusimbiswa kwakasimba uye kuongorora maprotocol asina kushandiswa. Parizvino, mutoro unowira kune vese vanopa papuratifomu uye vanogadzira ivo pachavo, vanofanirwa kuramba vakasvinura.

Alberto Navarro

Ini ndiri anofarira tekinoroji akashandura zvaanofarira zve "geek" kuita basa. Ndapedza makore anopfuura gumi ehupenyu hwangu ndichishandisa tekinoroji yekucheka-kumucheto uye kutamba nemhando dzese dzezvirongwa kunze kwekuda kuziva. Iye zvino ndava nyanzvi mune zvekombiyuta uye mitambo yemavhidhiyo. Izvi zvinodaro nekuti kweanopfuura makore 10 ndanga ndichishanda kunyora kune akasiyana mawebhusaiti pane tekinoroji nemitambo yemavhidhiyo, ndichigadzira zvinyorwa zvinotsvaga kukupa ruzivo rwaunoda mumutauro unonzwisisika nemunhu wese.

Kana iwe uine chero mibvunzo, ruzivo rwangu rwunobva kune zvese zvine chekuita neWindows inoshanda sisitimu pamwe ne Android yenharembozha. Uye kuzvipira kwangu kuri kwauri, ndinogara ndakagadzirira kushandisa maminetsi mashoma uye kukubatsira kugadzirisa chero mibvunzo yaungave unayo munyika ino yeinternet.