- Uhlelo olungayilungele ikhompuyutha oluyimfihlo lusebenzisa amasu ayimfihlo (ama-rootkits, i-virtualization, ukuchofoza iqanda) ukuze igweme ukutholwa.
- U-Crocodilus no-Godfather ku-Android bantshontsha imininingwane yasebhange nge-spoofing ethuthukisiwe nezimvume.
- Ukuphikelela kwe-UEFI (CosmicStrand) kusinda ekufakweni kabusha kwesistimu; ukuhlanganisa izivikelo kuyisihluthulelo.
I-Cybersecurity isiphenduke inkinga yansuku zonke, kodwa, izinsongo eziningi ziyaqhubeka zinganakwa ngokumelene nabasebenzisi namathuluzi okuzivikela. Phakathi kwalezi zinsongo okuthiwa "i-malware engabonakali," isethi yamasu inhloso yawo ilula: fihla obala futhi ufihle amathrekhi abo ukuze uhlale usebenza isikhathi eside ngangokunokwenzeka.
Kude nokuba indaba eqanjiwe yesayensi, sikhuluma ngezindlela esezisakazwa kakade: kusuka ama-rootkits ahlangana ohlelweni kuze kube Ama-Trojans eselula ekwazi ukuzenza izikrini zasebhange noma ukuhlola ngaphandle kokuthi sithinte noma yini. Futhi yebo, zikhona futhi ukuhlasela ngokuchofoza iqanda kanye nezimo ezimbi kakhulu ku-firmware esinda ekufakweni kabusha kwe-OS.
Sisho ukuthini ngokuthi “i-malware engabonakali”?
Uma sikhuluma "ngokungabonakali," akukhona ukuthi ikhodi ayikwazi ukubonwa ngokoqobo, kodwa lokho kusetshenziswa izindlela zokufihla okuhloswe ngayo ukufihla izinguquko nemisebenzi yohlelo olungayilungele ikhompuyutha ohlelweni oluthelelekile. Le ncazelo ihlanganisa, isibonelo, ama-rootkit, ekhohlisa isistimu ukuze ifihle amafayela, izinqubo, okhiye bokubhalisa noma ukuxhumana.
Empeleni, lezi zinhlobo zingakwazi thatha imisebenzi yesistimu kanye nokululaza ukusebenza ngaphandle kokuphakamisa izinsolo. Noma ngabe i-antivirus ithola ukuziphatha okuxakile, izindlela zokungabonakali ziyakuvumela gwema noma hlehlisa ukutholwa, ngokwesibonelo, ngokusuka kude nefayela elingcolisiwe, ukulihlanganisela kwenye idrayivu, noma ukufihla usayizi wamafayela kushintshiwe. Konke lokhu kwenza kube nzima ukusebenza kwe- izinjini zokubona kanye nokuhlaziywa kwe-forensic.
Lingena kanjani futhi licasha kanjani
“Igciwane elingabonakali,” noma, kabanzi, uhlelo olungayilungele ikhompuyutha elisebenzisa amasu obuqili, lingafika ngezindlela eziningana: okunamathiselwe okunonya kuma-imeyili, okulandwayo okuvela kumawebhusayithi angabazisayo, isoftware akuqinisekisiwe, izinhlelo zokusebenza eziwumgunyathi ezibonakala njengezinsiza ezidumile noma ukufakwa ngokusebenzisa izixhumanisi ezinkundleni zokuxhumana kanye nemiyalezo.
Uma esengaphakathi, isu lakhe licacile: phikelela engabonakaliOkunye okuhlukile "kuyasusa" kufayela elinegciwane lapho basolwa ukuskena, bazikopishele kwenye indawo bese beshiya a esikhundleni esihlanzekile ukugwema ukuphakamisa izexwayiso. Abanye bafihla imethadatha, osayizi bamafayela, nokufakiwe kwesistimu, okwenza ukuphila kube nzima izinjini zokubona kanye ukubuyiselwa kwefayela ngemva kokutheleleka.
I-Rootkits: incazelo, izingozi, kanye nokusetshenziswa okungenzeka kube semthethweni
Emsuka wayo ezindaweni I-UNIX, i-rootkit yayiyisethi yamathuluzi avela kusistimu ngokwayo (njenge ps, netstat noma passwd) kushintshwe umhlaseli waba gcina ukufinyelela kwezimpande ngaphandle kokutholwaIgama elithi "impande," i-superuser, livela kuyo. Namuhla, ku-Windows nakwezinye izinhlelo, umqondo usafana: izinhlelo eziklanyelwe ukufihla izakhi (amafayela, izinqubo, okhiye bokubhalisa, inkumbulo ngisho nokuxhumana) ohlelweni lokusebenza noma izinhlelo zokusebenza zokuphepha.
Ukusetshenziswa kobuchwepheshe be-stealth, ngokwako, akulona unya ngokwemvelo. Ingasetshenziselwa izinhloso ezisemthethweni ezifana ukuqapha kwenkampani, ukuvikela impahla esunguliwe, noma ukuvikela iphutha lomsebenzisi. Inkinga ivela uma la makhono esetshenziswa kuwo vala uhlelo olungayilungele ikhompuyutha, i-backdoors, nemisebenzi yobugebengu, ukuhambisana nokuguquguquka kwamanje kobugebengu bamakhompuyutha, obufuna ukwandisa isikhathi esiphezulu ngaphandle kokudonsa ukunaka.
Ungawathola kanjani futhi unciphise ama-rootkits
Ayikho inqubo eyodwa engenaphutha, ngakho-ke isu elihle kakhulu hlanganisa izindlela kanye namathuluzi. Izindlela zakudala nezithuthukisiwe zifaka:
- Ukutholwa kwesiginesha: Ukuskena nokuqhathanisa ngokumelene nekhathalogi eyaziwayo yohlelo olungayilungele ikhompuyutha. Isebenza ngempumelelo okuhlukile osekufakwe kukhathalogi, ngaphandle kokungashicilelwe.
- I-Heuristic noma isuselwa ekuziphatheni: ikhomba ukuchezuka emsebenzini ojwayelekile yohlelo, luwusizo ekutholeni imindeni emisha noma eguquliwe.
- Ukutholwa ngokuqhathanisa: iqhathanisa lokho okubikwa yisistimu nokufunda kukho izinga eliphansi; uma kukhona ukungahambisani, ukufihla kuyasolwa.
- Ubuqotho: Ihlola amafayela nememori ngokumelene ne-a isimo senkomba esithembekile (isisekelo) ukukhombisa izinguquko.
Ezingeni lokuvimbela, kuyalulekwa ukuthi kusetshenziswe a i-antimalware enhle iyasebenza futhi ibuyekeziwe, sebenzisa izindonga zomlilo, gcina amasistimu nezinhlelo zokusebenza zisesikhathini samanje namapheshana, futhi ukhawule amalungelo. Ngezinye izikhathi, ukuze kutholwe izifo ezithile, kuyanconywa qalisa kumidiya yangaphandle futhi siskena “ngaphandle” lesi simiso esisengozini, nakuba ngisho nangaleso sikhathi eminye imikhaya ikwazi lokho hlanganisa kabusha kwamanye amafayela esistimu.
Amacala amabili ohlelo olungayilungele ikhompuyutha olungabonakali: i-XWorm ne-NotDoor
Lezi kungaba izinsongo eziyingozi kakhulu ezingabonakali zohlelo olungayilungele ikhompuyutha okwamanje. Ukuze wazi ukuthi ungazivikela kanjani kuzo, kungcono ukuziqonda kahle:
I-XWorm
I-XWorm Uhlelo olungayilungele ikhompuyutha olwaziwayo olusanda kuvela ngendlela eshaqisayo ngokusebenzisa amagama amafayela asebenzisekayo abukeka esemthethweni. Lokhu kuvumela ukuthi sizifihle njengohlelo lokusebenza olungenabungozi, ukuthola ukwethenjwa kokubili abasebenzisi namasistimu.
Ukuhlasela kuqala ngo-a ifayela le-.lnk elifihliwe Ivamise ukusatshalaliswa ngemikhankaso yobugebengu bokweba imininingwane ebucayi, yenze imiyalo engalungile ye-PowerShell, ilande ifayela lombhalo kuhla lwemibhalo lwesikhashana lwesistimu, bese yethula okusebenzisekayo okungelona iqiniso okubizwa ngokuthi i-discord.exe kusuka kuseva ekude.
Uma isingenile ku-PC yethu, i-XWorm ingakwazi yenza zonke izinhlobo zemiyalo ekude, kusuka ekulandisweni kwamafayela kanye ne-URL iqondise kabusha ekuhlaselweni kwe-DDoS.
NotDoor
Esinye sezinsongo eziyingozi kakhulu ezingabonakali ze-malware okwamanje NotDoorInhloso yaleli gciwane eliyinkimbinkimbi elakhiwe ngabaduni baseRussia yi Abasebenzisi be-Outlook, abantshontsha kuye idatha eyimfihlo. Kungase futhi kuthathe ukulawula okuphelele kwezinhlelo ezisengozini. Ukuthuthukiswa kwayo kudalwe yi-APT28, iqembu elaziwayo le-cyberespionage laseRussia.
I-NotDoor yaziwa ukuthi iyini i-malware efihliwe ebhalwe ku-Visual Basic for Applications (VBA), ekwazi ukuqapha ama-imeyili angenayo amagama angukhiye athile. Isebenzisa amandla ohlelo ukuze isebenze ngokwalo. Ibe isidala uhla lwemibhalo olufihliwe ukuze lugcine amafayela esikhashana alawulwa umhlaseli.
Izindlela ezingcono kakhulu zokuzivikela (nokuthi wenzenjani uma usuvele uthelelekile)
Ukuzivikela okuphumelelayo kuhlanganisa imikhuba nobuchwepheshe. Ngaphandle "komqondo ojwayelekile," udinga izinqubo namathuluzi ezinciphisa ubungozi bangempela ku-PC nakuselula:
- Faka izinhlelo zokusebenza ezivela emithonjeni esemthethweni kuphela futhi uhlole unjiniyela, izimvume, namazwana. Qaphela izixhumanisi emilayezweni, ezinkundleni zokuxhumana, noma kumawebhusayithi angaziwa.
- Sebenzisa izixazululo ezithembekile zokuphepha kumakhalekhukhwini kanye ne-PC; ababoni izinhlelo zokusebenza ezinonya kuphela, futhi bayakwazisa ukuziphatha okusolisayo.
- Gcina konke kusesikhathini: isistimu, isiphequluli, nezinhlelo zokusebenza. Amapheshana asikiwe izindlela zokuxhashazwa ethandwa kakhulu phakathi kwabahlaseli.
- Sebenzisa ukuqinisekiswa kwezinyathelo ezimbili emabhange, ngeposi, nasezinsizeni ezibucayi. Akuyona into engenaphutha, kodwa yengeza a isithiyo esengeziwe.
- Gada izimvume zokufinyeleleka nezaziso; uma insiza elula icela ukulawula okugcwele, Kukhona okungahambi kahle.
- Qala kabusha noma vala iselula yakho ngezikhathi ezithile; ukuvala shaqa kwamasonto onke kungaqeda ukufakwa kwenkumbulo futhi kwenza ukuphikelela kube nzima.
- Yenza kusebenze futhi ulungiselele i-firewall, futhi ikhawulela ukusetshenziswa kwama-akhawunti anezimvume zomlawuli ngaphandle uma kunesidingo.
Uma usola ubukhona bokutheleleka okungabonakali kohlelo olungayilungele ikhompuyutha (iselula ehamba kancane, ukushisa okungenasizathu, ukuqalisa kabusha okungajwayelekile, izinhlelo zokusebenza ongazikhumbuli zizifaka noma ukuziphatha okungavamile): susa izinhlelo zokusebenza ezisolisayo, qala iselula ngemodi ephephile bese udlula iskena esigcwele, shintsha amagama ayimfihlo ukusuka enye idivayisi, yazise ibhange lakho kanye nenani a ukusetha kabusha kwasefekthri Uma izimpawu ziqhubeka, cabanga ukubhutha imidiya yangaphandle ku-PC ukuze uskene ngaphandle kokulawula uhlelo olungayilungele ikhompuyutha.
Khumbula ukuthi uhlelo olungayilungele ikhompuyutha olungabonakali ludlala ngesigqi sethu: shintsha umsindo omncane ngeziteleka zokuhlinzwa. Akulona usongo abstract, kodwa ikhathalogi of amasu okufihla enika amandla konke okunye: iTrojan yasebhange, i-spyware, ukwebiwa komazisi, noma ukuphikelela kwe-firmware. Uma uqinisa imikhuba yakho futhi ukhetha amathuluzi akho kahle, uzoba isinyathelo esisodwa phambili lokungabonwayo.
Umhleli okhethekile kwezobuchwepheshe kanye nezindaba ze-inthanethi onolwazi olungaphezu kweminyaka eyishumi kumidiya ehlukene yedijithali. Ngisebenze njengomhleli kanye nomdali wokuqukethwe kwe-e-commerce, ukuxhumana, ukumaketha ku-inthanethi kanye nezinkampani zokukhangisa. Ngike ngabhala kumawebhusayithi ezomnotho, ezezimali neminye imikhakha. Umsebenzi wami nawo uwuthando lwami. Manje, ngokusebenzisa izihloko zami ku Tecnobits, ngizama ukuhlola zonke izindaba namathuba amasha izwe lobuchwepheshe elisinikeza lona nsuku zonke ukuze sithuthukise izimpilo zethu.