Sturnus Trojan: new Android banking malware that spies on WhatsApp and controls your phone

Last update: 26/11/2025

  • Sturnus is an Android banking trojan that steals credentials and intercepts messages from encrypted apps such as WhatsApp, Telegram, and Signal.
  • It abuses the Android Accessibility Service to read everything on the screen and control the device remotely using VNC-style sessions.
  • It is distributed as a malicious APK that impersonates well-known apps (for example, Google Chrome) and specifically targets banks in Central and Southern Europe.
  • It uses encrypted communication (HTTPS, RSA, AES, WebSocket) and requests administrator privileges to stay persistent and make its removal difficult.

A new Android banking trojan called Sturnus has set off alarms in the European cybersecurity sector. This malware is not only designed to steal financial credentials; it is also able to read WhatsApp, Telegram, and Signal conversations and take almost complete control of the infected device.

The threat, identified by ThreatFabric researchers and analysts cited by BleepingComputer, is in an early distribution phase but already shows an unusual level of sophistication. Although the campaigns identified so far are limited, experts fear it is a test before a larger offensive against mobile banking users in Central and Southern Europe.

What is Sturnus and why is it causing so much concern?


Sturnus is an Android banking trojan that combines several dangerous capabilities in one package: theft of financial data, spying on encrypted messaging apps, and remote control of the phone using advanced accessibility techniques.

According to the technical analysis published by ThreatFabric, the malware is developed and operated by a private company with a clearly professional approach. Although the code and infrastructure still appear to be evolving, the analyzed samples are fully functional, which indicates that the attackers are already testing the trojan on real victims.

Researchers point out that, for now, the identified targets are concentrated on customers of European financial institutions, especially in the central and southern parts of the continent. This focus is visible in the fake templates and screens built into the malware, designed specifically to mimic the appearance of local banking applications.


This combination of regional focus, advanced sophistication and a testing phase makes Sturnus look like an emerging threat with growth potential, similar to earlier banking trojan campaigns that started quietly and ended up affecting thousands of devices.

How it spreads: fake apps and stealthy campaigns


Distribution of Sturnus relies on malicious APK files that impersonate legitimate, popular applications. Researchers have identified packages imitating, among others, Google Chrome (with obfuscated package names such as com.klivkfbky.izaybebnx) or seemingly harmless apps such as Preemix Box (com.uvxuthoq.noscjahae).

Although the exact distribution method has not been confirmed with certainty, the evidence points to phishing campaigns and malicious advertisements, along with private messages sent through messaging platforms. These messages redirect to fraudulent websites where the user is invited to download supposed updates or utilities that are, in reality, the trojan's installer.

Once the victim installs the fraudulent app, Sturnus requests Accessibility permissions and, in many cases, device administrator privileges. These requests are disguised as seemingly legitimate messages, claiming they are necessary to provide advanced features or improve performance. When the user grants these critical permissions, the malware gains the ability to see everything that happens on the screen, interact with the interface, and prevent its uninstallation through the usual channels, so it is essential to know how to remove malware from Android.

Theft of banking credentials through overlay screens


One of Sturnus's classic, but still very effective, functions is the use of overlay attacks to steal banking data. This technique involves displaying fake screens on top of legitimate apps, faithfully imitating the interface of the victim's banking app.

When the user opens their banking app, the trojan detects the event and displays a fake login or verification window, asking for the username, password, PIN or card details. For the affected person, the experience appears completely normal: the visual appearance replicates the logos, colors, and text of the real bank.


As soon as the victim enters the information, Sturnus sends the credentials to the attackers' server using encrypted channels. Shortly afterwards, it can close the fraudulent screen and return control to the real app, so that the user notices only a slight delay or unusual behavior, which often goes unnoticed. After such a theft, it is essential to check whether your bank account has been hacked.

In addition, the trojan can record keystrokes and behavior within other sensitive applications, which expands the type of information it can steal: from passwords for accessing online services to verification codes sent by SMS or messages from authentication apps.

How it spies on WhatsApp, Telegram, and Signal messages without breaking encryption


The most disturbing aspect of Sturnus is its ability to read conversations in messaging apps that use end-to-end encryption, such as WhatsApp, Telegram (in its secret chats), or Signal. At first glance, it might seem that the malware has managed to compromise the cryptographic algorithms, but the reality is otherwise, and it is worrying.

Instead of attacking the transmission of messages, Sturnus leverages the Android Accessibility Service to monitor the applications displayed in the foreground. When it detects that the user opens one of these messaging apps, the trojan simply reads the content directly from the screen.

In other words, it does not break encryption in transit: it waits for the application itself to decrypt the messages and display them to the user. At that moment, the malware can access the text, contact names, conversation threads, incoming and outgoing messages, and other details present in the interface.

This approach allows Sturnus to completely bypass end-to-end encryption protection without breaking it from a mathematical point of view. For the attackers, the phone acts as an open window exposing information that, in theory, should remain private even from intermediaries and service providers.


Security measures for Android users in Spain and Europe


Faced with threats like Sturnus, security experts recommend reinforcing several basic habits in everyday phone use:

  • Avoid installing APK files obtained outside the official Google store, unless they come from fully verified sources and are strictly necessary.
  • Carefully review the permissions requested by applications. Any app that asks for access to the Accessibility Service without a clear reason should raise red flags.
  • Be wary of requests for device administrator privileges, which in most cases are not needed for the normal operation of an ordinary app.
  • Keep Google Play Protect and other security solutions active, update the operating system and installed apps regularly, and periodically review the list of applications with sensitive permissions.
  • Watch for unusual behavior (suspicious banking screens, unexpected verification requests, sudden slowdowns) and act immediately at any warning sign.

In the event of a suspected infection, one possible response is to manually revoke administrator and accessibility privileges from the system settings and uninstall any unknown apps. If the device continues to show symptoms, it may be necessary to back up important data and perform a factory reset, restoring only what is essential.
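
The permission review recommended above can be scripted for triage. The following is an added example, not code from the original article or from ThreatFabric: it ranks packages that hold accessibility or device-administrator rights and were not installed from a trusted store. The sample data, the `com.example.*` package names and the hand-extracted `ADMINS` list are constructed assumptions.

```python
import re

# Constructed sample inputs (not taken from a real device). On a handset under
# review they would come from:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i
# ADMINS is assumed to be the active device-admin components copied by hand from
# `adb shell dumpsys device_policy`, whose layout varies between Android versions.
ACCESSIBILITY = ("com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService:"
                 "com.example.fakebrowser/com.example.fakebrowser.CoreService")
PACKAGES = """\
package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.fakebrowser  installer=null
package:com.example.notes  installer=com.android.vending
"""
ADMINS = ["com.example.fakebrowser/.AdminReceiver"]
TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play; extend for an MDM or OEM store


def component_packages(components):
    """Return the package part of each 'package/class' component string."""
    return {c.split("/", 1)[0] for c in components if "/" in c}


def audit(accessibility, packages, admins, trusted=TRUSTED_INSTALLERS):
    """Return (package, installer, reasons) for privileged packages, riskiest first."""
    installers = dict(re.findall(r"^package:(\S+)\s+installer=(\S+)", packages, re.M))
    a11y = component_packages(accessibility.split(":"))
    admin = component_packages(admins)
    findings = []
    for pkg in sorted(a11y | admin):
        installer = installers.get(pkg, "unknown")
        reasons = []
        if pkg in a11y:
            reasons.append("accessibility service enabled")
        if pkg in admin:
            reasons.append("device administrator")
        if installer not in trusted:
            reasons.append("not installed from a trusted store")
        findings.append((pkg, installer, reasons))
    # More reasons means a closer match to the permission pattern described above.
    return sorted(findings, key=lambda f: -len(f[2]))


if __name__ == "__main__":
    for pkg, installer, reasons in audit(ACCESSIBILITY, PACKAGES, ADMINS):
        print(f"{pkg} (installer={installer}): {', '.join(reasons)}")
```

A package that collects all three reasons is the first candidate for having its privileges revoked and being uninstalled; a legitimate accessibility tool installed from the store collects only one.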

The appearance of Sturnus confirms that the Android ecosystem remains a prime target. This trojan, built for criminal groups with resources and financial motivation, combines bank theft, encrypted-message espionage, and remote control in a single package. It uses accessibility permissions and encrypted communication channels to operate stealthily. In a context where many users, especially in Spain and Europe, depend on their mobile phones to manage their money and private communications, staying alert and adopting good digital practices is key to avoid falling victim to similar threats.
