- 239 malicious apps on Google Play with 42 million downloads, detected by Zscaler
- New campaigns: a banking Trojan with overlays, the "Landfall" spyware, and NFC fraud with NGate
- Mobile malware grows 67% year over year; adware dominates (69%) and Europe registers peaks in countries such as Italy
- Protection guide: permissions, updates, Play Protect, app verification, and account monitoring
Android phones remain in the spotlight, and according to the latest research, the outlook is not exactly calm. Between banking Trojans that empty accounts, spyware that exploits zero-day vulnerabilities, and contactless fraud, the attack surface grows in step with digital adoption in Europe and Spain.
In recent weeks, campaigns and figures have emerged that paint a complex picture: 239 malicious apps on Google Play accumulating more than 42 million downloads, a new banking Trojan with overlays capable of taking control of the device, a spyware called Landfall that slips in through DNG images, and an NFC card-cloning scheme (NGate) that originated in Europe and is spreading to Latin America.
Snapshot of the rise of mobile malware on Android

The latest Zscaler report reveals that between June 2024 and May 2025 Google Play hosted 239 malicious apps that exceeded 42 million installations. Mobile malware activity grew 67% year over year, with a particular presence in the tools and productivity category, where attackers disguise themselves as seemingly legitimate utilities.
This evolution translates into a clear shift in tactics: adware accounts for 69% of detections, while the Joker family falls to 23%. By country, India (26%), the United States (15%), and Canada (14%) lead the statistics, but in Europe notable changes have been observed in Italy, with very sharp year-over-year increases, along with warnings about the possible spread of the risk to the rest of the continent.
Faced with this situation, Google has tightened its controls over the developer ecosystem with additional identity-verification measures for publishing on Android. The aim is to raise the bar for entry and traceability, reducing cybercriminals' ability to distribute malware through official stores.
Beyond volume, sophistication is the concern: Zscaler highlights active families, among them Anatsa (a banking Trojan), Android Void/Vo1d (a backdoor on devices running legacy AOSP, with more than 1.6 million devices affected), and Xnotice, a RAT designed to steal credentials and 2FA codes. In Europe, financial institutions and mobile banking users are clearly at risk.
Experts point to a shift from classic credit card fraud toward mobile payments and social engineering (phishing, smishing, and SIM swapping), which calls for better digital hygiene among end users and stronger protection of organizations' mobile channels.
Android/BankBot-YNRK: Overlays, Accessibility, and Banking Theft

Cyfirma researchers have documented an Android banking Trojan dubbed “Android/BankBot‑YNRK”, designed to impersonate legitimate apps and then activate Accessibility Services to gain full control of the device. Its specialty is overlay attacks: it creates fake login screens over real banking and crypto apps to capture credentials.
Distribution combines the Play Store (in waves that get past the filters) with fraudulent pages offering APKs, using package names and titles that imitate popular services. The technical identifiers published include several SHA-256 hashes, and the operation is believed to run under a Malware-as-a-Service model, which makes it easier to expand into different countries, including Spain.
Once inside, it forces accessibility permissions, adds itself as a device administrator, and reads what appears on the screen in order to press on-screen buttons and fill in forms. It can also intercept 2FA codes, manipulate notifications, and automate transfers, all without raising any visible suspicion.
Analysts link this threat to the BankBot/Anubis family, active since 2016 and with many variants. These variants evolve to evade antivirus software and store controls. Campaigns usually target widely used financial apps, which increases the potential impact if they are not detected in time.
For users and businesses in the EU, the recommendation is to tighten permission controls, review accessibility settings, and monitor the behavior of financial apps. If in doubt, it is best to uninstall the app, scan the device, and change credentials in coordination with the institution.
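One way to carry out the accessibility review recommended above on a device connected over adb, as an added example that is not from Cyfirma or the original article: it cross-checks the enabled accessibility services against each app's install source. The trusted-installer set, the allowlist, and all sample package names are assumptions made for illustration.

```python
"""Audit enabled accessibility services against app install source (added example)."""

TRUSTED_INSTALLERS = {"com.android.vending"}        # assumption: only Google Play is trusted
ALLOWLIST = {"com.google.android.marvin.talkback"}  # assumption: services you expect to see

def parse_installers(pm_output):
    """Parse `adb shell pm list packages -i` output into {package: installer}."""
    result = {}
    for line in pm_output.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        fields = line[len("package:"):].split()
        if not fields:
            continue
        installer = "null"
        for field in fields[1:]:
            if field.startswith("installer="):
                installer = field[len("installer="):]
        result[fields[0]] = installer
    return result

def parse_accessibility(setting_value):
    """Parse `adb shell settings get secure enabled_accessibility_services`."""
    value = setting_value.strip()
    if value in ("", "null"):
        return []
    # The value is a colon-separated list of package/class component names.
    return [c.split("/", 1)[0] for c in value.split(":") if c]

def audit(setting_value, pm_output):
    """Return (package, reason) findings that deserve a manual look."""
    installers = parse_installers(pm_output)
    findings = []
    for pkg in parse_accessibility(setting_value):
        if pkg in ALLOWLIST:
            continue
        installer = installers.get(pkg, "unknown")
        if installer not in TRUSTED_INSTALLERS:
            findings.append((pkg, f"accessibility enabled, installer={installer}"))
        else:
            findings.append((pkg, "accessibility enabled, not on allowlist"))
    return findings

# Constructed sample output; the com.example.* packages are made up.
SAMPLE_SETTING = ("com.google.android.marvin.talkback/.TalkBackService:"
                  "com.example.idverify/com.example.idverify.MainService:"
                  "com.example.notes/.AssistService")
SAMPLE_PM = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.idverify  installer=null
package:com.example.notes  installer=com.android.vending"""

if __name__ == "__main__":
    for pkg, reason in audit(SAMPLE_SETTING, SAMPLE_PM):
        print(f"{pkg}: {reason}")
```

A sideloaded app holding an accessibility service is the combination this section describes, so it is reported first-class; Play-installed apps off the allowlist are still listed because store filters can be bypassed.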
Landfall: Silent espionage using DNG images and zero-day flaws

Another investigation, led by Unit 42 of Palo Alto Networks, uncovered an Android spyware called Landfall that exploited a zero-day vulnerability in the image processing library (libimagecodec.quram.so) to execute code when decoding DNG files. Receiving the image through a messaging app was enough for the attack to be carried out without any interaction.
The first traces date back to July 2024, and the flaw was catalogued as CVE-2025-21042 (with an additional fix, CVE-2025-21043, months later). The campaign focused specifically on Samsung Galaxy devices and had its greatest impact in the Middle East, although experts warn about how easily these operations can expand geographically.
Once the device was compromised, Landfall allowed the extraction of photos without uploading them to the cloud, as well as messages, contacts, and call logs, in addition to covertly activating the microphone. The spyware's modularity and its persistence for almost a year without being detected underline the leap in sophistication that advanced mobile threats are making.
To reduce the risk, it is essential to install the manufacturer's security updates, limit exposure to files received from unverified contacts, and keep the system's protection mechanisms active, both on personal devices and across corporate fleets.
NGate: NFC card cloning, from the Czech Republic to Brazil

The cybersecurity community has also focused on NGate, an Android malware designed for financial fraud that abuses NFC to copy card data and emulate it on another device. Campaigns have been documented in Central Europe (the Czech Republic) involving the impersonation of local banks, followed by a later evolution targeting users in Brazil.
The deception combines smishing, social engineering, and the use of PWA/WebAPK and websites that imitate Google Play to facilitate installation. Once inside, it guides the victim to turn on NFC and enter the PIN, intercepts the exchange, and relays it using tools such as NFCGate, enabling cash withdrawals at ATMs and contactless POS payments.
Various vendors detect variants under labels such as Android/Spy.NGate.B and Trojan-Banker heuristics. Although there is no public evidence of active campaigns in Spain, the techniques used are transferable to any region where contactless banking is widely adopted.
How to reduce the risk: best practices

Before installing, take a few seconds to check the app's publisher, ratings, and date. Be wary of permission requests that do not match the stated function (especially Accessibility and Device administration).
Keep the system and apps always up to date. Turn on Google Play Protect and run scans regularly. In business environments, it is advisable to implement MDM policies, blocklists, and fleet anomaly monitoring.
Avoid downloading APKs from SMS messages, social media, or emails, and avoid ... pages that imitate Google Play. If a banking app asks for your card PIN or asks you to hold your card near your phone, be suspicious and check with your bank.
If you notice signs of infection (abnormal data or battery usage, strange notifications, overlay screens), disconnect data, uninstall suspicious apps, scan your device, and change your credentials. Contact your bank if you detect unauthorized transactions.
In professional environments, incorporate the IoCs published by researchers (domains, hashes, and observed packages) into your blocklists, and coordinate the response with sector CSIRTs to cut off possible infection chains.
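A sketch of turning a published IoC feed into a blocklist and matching it against a fleet inventory, added here as an example and not taken from any of the cited reports. The inventory row layout, the device names, the domain, the package names, and the hash (derived from constructed bytes) are all assumptions; published feeds often arrive defanged and in mixed case, which is what the normalization step handles.

```python
import hashlib
import re

def normalize(kind, value):
    """Canonicalize one indicator so feed values and inventory values compare equal."""
    v = value.strip()
    if kind != "package":          # Android package names are case-sensitive
        v = v.lower()
    if kind == "domain":           # undo defanging, drop scheme, path and trailing dot
        v = v.replace("[.]", ".").replace("(.)", ".").replace("hxxp", "http")
        v = re.sub(r"^[a-z]+://", "", v).split("/")[0].rstrip(".")
    elif kind == "sha256" and not re.fullmatch(r"[0-9a-f]{64}", v):
        raise ValueError(f"not a SHA-256 digest: {value!r}")
    return v

def build_blocklist(iocs):
    """iocs: iterable of (kind, value), kind in {'domain', 'sha256', 'package'}."""
    blocklist = {"domain": set(), "sha256": set(), "package": set()}
    for kind, value in iocs:
        blocklist[kind].add(normalize(kind, value))
    return blocklist

def match_inventory(blocklist, inventory):
    """Return (device, kind, value) for every inventory value on the blocklist."""
    hits = []
    for row in inventory:
        if normalize("package", row["package"]) in blocklist["package"]:
            hits.append((row["device"], "package", row["package"]))
        if normalize("sha256", row["sha256"]) in blocklist["sha256"]:
            hits.append((row["device"], "sha256", row["sha256"]))
        for domain in row.get("domains", []):
            if normalize("domain", domain) in blocklist["domain"]:
                hits.append((row["device"], "domain", domain))
    return hits

# Constructed sample data: none of these values come from a real report.
BAD_APK = hashlib.sha256(b"constructed sample apk bytes").hexdigest()
IOCS = [("domain", "hxxps://updates.malicious-example[.]invalid/path"),
        ("sha256", BAD_APK.upper()),
        ("package", "com.example.fakebank")]
INVENTORY = [
    {"device": "phone-01", "package": "com.example.notes",
     "sha256": hashlib.sha256(b"clean").hexdigest(), "domains": ["example.org"]},
    {"device": "phone-02", "package": "com.example.fakebank",
     "sha256": BAD_APK, "domains": ["updates.malicious-example.invalid."]},
]

if __name__ == "__main__":
    for hit in match_inventory(build_blocklist(IOCS), INVENTORY):
        print(hit)
```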
The Android ecosystem is going through a period of intense pressure from cybercrime, ranging from malicious apps in official stores to banking Trojans with overlays, spyware that exploits DNG images, and NFC fraud through card emulation. With up-to-date devices, caution at installation time, and active monitoring of permissions and banking transactions, it is possible to drastically reduce exposure for both users and organizations in Spain and the rest of Europe.