
A working ransomware "virus" has arrived on the Mac for the first time ever. The infection works by encrypting the user's data, and the user must then pay a "ransom" to the attackers to get the data back. Payment is usually made in bitcoins, which guarantee that the attackers cannot be traced. The source of the infection was version 2.90 of Transmission, an open-source client for the BitTorrent network.

The unpleasant fact is that a piece of malicious code known as OSX.KeRanger.A got directly into the official installation package. The installer therefore carried a signed developer certificate and so managed to get past Gatekeeper, the otherwise reliable protection system of OS X.

After that, nothing stood in the way of creating the necessary files, locking the user's files, and establishing communication between the infected computer and the attackers' servers over the Tor network. Users were also redirected to Tor to pay a fee of one bitcoin to unlock their files, with one bitcoin currently worth $400.

It is worth mentioning, however, that the user's data is not encrypted until three days after the package is installed. Until then, there is no sign of the virus's presence and it can only be detected in Activity Monitor, where a process labeled "kernel_service" is running if the machine is infected. To detect the malware, also look for the following files on your Mac (if you find them, your Mac is most likely infected):

/Applications/Transmission.app/Contents/Resources/General.rtf

/Volumes/Transmission/Transmission.app/Contents/Resources/General.rtf
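
One way to script the check described above, as an added example that is not part of the original article: it looks for the two listed files and for a process named kernel_service. The function names and the optional root-prefix argument (for scanning a mounted copy of a disk) are assumptions of this example.

```sh
#!/bin/sh
# Added example: checks for the KeRanger indicators named in the article.
# Function names and the root-prefix argument are assumptions of this example.

# The two file paths listed in the article.
KERANGER_FILES='/Applications/Transmission.app/Contents/Resources/General.rtf
/Volumes/Transmission/Transmission.app/Contents/Resources/General.rtf'

# Print every indicator file that exists under the given root (default: live system).
keranger_find_files() {
    root="${1:-}"
    echo "$KERANGER_FILES" | while IFS= read -r path; do
        if [ -e "${root%/}${path}" ]; then
            printf '%s\n' "${root%/}${path}"
        fi
    done
}

# Read process names or paths, one per line (as printed by `ps -axo comm`),
# and succeed if the last path component of any line is exactly kernel_service.
keranger_process_present() {
    awk -F/ '$NF == "kernel_service" { found = 1 } END { exit !found }'
}

# Run both checks; return 1 if any indicator was found, 0 otherwise.
keranger_check() {
    rc=0
    hits=$(keranger_find_files "${1:-}")
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits" | sed 's/^/indicator file present: /'
        rc=1
    fi
    if ps -axo comm 2>/dev/null | keranger_process_present; then
        echo 'process named kernel_service is running'
        rc=1
    fi
    return "$rc"
}
```

Source the file and call `keranger_check`, or pass a mount point such as a restored backup volume as the first argument; a non-zero exit status means at least one indicator was found.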

Apple's reaction did not take long, and the developer certificate has already been revoked. When a user now tries to run the infected installer, they are strongly warned about the possible risk. The XProtect antivirus system has also been updated. The Transmission website responded to the threat as well, posting a warning about the need to update the torrent client to version 2.92, which fixes the problem and removes the malware from OS X. Even so, the malicious installer remained available for almost 48 hours, from March 4 to 5.

For users who thought they could solve this problem by restoring their data through Time Machine, the bad news is that KeRanger, as the ransomware is called, also attacks backed-up files. That said, users who installed the infected installer should be protected by installing the latest version of Transmission from the project's website.

Source: 9to5Mac