📱 2022-03-30 05:09:15 - Paris/France.
Uphando olwenziwe yi-cybersecurity firm i-ESET ifumanise “inkqubo ephucukileyo” esasaza iinkqubo zeTrojan eziguqulwe njengezipaji ze-cryptocurrency ezidumileyo.
Iskimu esikhohlakeleyo sijolise kwizixhobo eziphathwayo ezisebenzisa i-Android okanye i-Apple (iOS) iisistim ezithi zichaphazeleke xa umsebenzisi ekhuphela isicelo somgunyathi.
Ngokutsho kophando lwe-ESET, ezi zixhobo ezinobungozi zisasazwa kwiiwebhusayithi zobuxoki kwaye zixelisa i-crypto wallets esemthethweni, kuquka i-MetaMask, i-Coinbase, i-Trust Wallet, i-TokenPocket, i-Bitpie, i-imToken, kunye ne-OneKey.
Ifemu iphinde yafumanisa izicelo ezinobungozi ezili-13 ezizenza isipaji seJaxx Liberty, esifumaneka kuGoogle Play Store. UGoogle uselususile usetyenziso olukhubekisayo, olufakwe ngaphezulu kwamaxesha ali-1, kodwa kusekho ezininzi ezincame kwezinye iiwebhusayithi kunye namaqonga eendaba ezentlalo.
Abadlali bezoyikiso basasaza izinto zabo ngokusebenzisa amaqela eendaba ezentlalo kwi-Facebook kunye neTelegram, enenjongo yokuba i-crypto assets kumaxhoba abo. I-ESET ithi ifumene "izicelo ezininzi ze-wallet ye-cryptocurrency ye-Trojanized," eyaqala ngoMeyi 2021. Iphinde yathi inkqubo, ethi iyinkqubo yeqela elinye, ijolise ikakhulu kubasebenzisi baseTshayina ngokusebenzisa iiwebhusayithi zaseTshayina.
U-Lukáš Štefanko, umphandi oye watyhila isikimu, wathi kukho ezinye izinto ezisongelayo, ezifana nokuthumela amabinzana embewu kumncedisi womhlaseli usebenzisa uxhulumaniso olungakhuselekanga, wongeza:
“Oku kuthetha ukuba iimali zamaxhoba zinokubiwa hayi kuphela ngumsebenzisi wale nkqubo, kodwa nangomnye umhlaseli ophulaphule kwakulo nethiwekhi. »
Ii-apps zesipaji zomgunyathi ziziphatha ngokwahlukileyo ngokuxhomekeke apho zifakwe khona. Kwi-Android, ijolise kwi-cryptocurrency entsha anokuthi umsebenzisi angayithengisanga ngaphambili, ekhuthaza umsebenzisi ukuba afake i-wallet efanelekileyo. Kwi-iOS, usetyenziso kufuneka lukhutshelwe kusetyenziswa izatifikethi zokusayina zekhowudi ezithembekileyo ngokudlula iApple App Store. Oku kuthetha ukuba umsebenzisi unokuba nezipaji ezimbini ezifakwe ngaxeshanye, eyona yokwenyani kunye neTrojan, kodwa ibeka isoyikiso esingaphantsi kuba uninzi lwabasebenzisi luxhomekeke ekuqinisekiseni iSitolo seApp kwiiapps zabo.
Idibeneyo: Zilumkele iiHodler! I-malware entsha ijolise kwi-MetaMask kunye nezinye i-40 wallets ye-crypto
I-ESET icebisa abatyali-mali kunye nabarhwebi be-cryptocurrency ukuba bafakele kuphela izipaji ezivela kwimithombo ethembekileyo eqhagamshelwe kwiwebhusayithi esemthethweni yotshintshiselwano okanye inkampani.
NgoFebruwari, iLifu likaGoogle lityhile inkqubo yeVirtual Machine Threat Detection (VMTD), ejonga kwaye ibone "i-cryptojacking" i-malware eyilelwe ukuqweqwedisa izixhobo zokumba asethi yedijithali.
Ngokutsho kwengxelo ye-Chainalysis ukususela ngoJanuwari, i-cryptojacking ibalwa kwi-73% yexabiso elipheleleyo elifunyenwe yi-wallet ehambelana ne-malware kunye needilesi phakathi kwe-2017 kunye ne-2021.
SOURCE: Uphonononga Iindaba
Ungalibazisi ukwabelana ngenqaku lethu kwiinethiwekhi zentlalo ukusinika ukomelela okuqinileyo. 📱