✔️ 2022-09-05 07:00:03 - Paris/France.
A newly upgraded version of a malware that targets banking and crypto apps has recently resurfaced on the Google Play Store, now with the ability to steal cookies from account logins and bypass fingerprint or password requirements.
A warning about the new version of the malware was shared by malware analyst Alberto Segura and intelligence analyst Mike Stokkel on Twitter on September 2, along with the article they co-wrote on the Fox IT blog.
We discovered a new version of #SharkbotDropper in Google Play used to download and install #Sharkbot! The droppers found were used in a campaign targeting the UK and IT! Great work @Mike_stokkel! https://t.co/uXt7qgcCXb
– Alberto Segura (@alberto__segura) September 2, 2022
According to Segura, the new version of the malware was discovered on August 22 and "can perform overlay attacks, steal data through keylogging, intercept SMS messages, or give attackers remote control of the host device by abusing the Accessibility Services."
The new version of the malware was found in two Android apps, "Mister Phone Cleaner" and "Kylhavy Mobile Security", which have amassed 50 and 000 downloads respectively.
Both apps were initially able to make it onto the Play Store because Google's automated code review did not detect any malicious code, although they have since been removed from the store.
Some observers suggest that users who installed the apps may still be at risk and should remove the apps manually.
An in-depth analysis by Italian security firm Cleafy showed that 22 targets had been identified by SharkBot, including five cryptocurrency exchanges and a number of international banks in the US, the UK and Italy.
As for the malware's mode of attack, the earlier version of the SharkBot malware "relied on accessibility permissions to automatically complete the installation of the SharkBot dropper malware."
But this new version is different in that it "asks the victim to install the malware as a fake update for the antivirus, to stay protected against threats."
Once installed, if the victim logs into their bank or crypto account, SharkBot is able to retrieve their valid session cookie via the "logsCookie" command, which bypasses any fingerprint or authentication methods used.
This is interesting!
The Sharkbot Android malware overrides the "Log in with your fingerprint" dialogs so that users are forced to enter their username and password.
(according to @foxit blog) pic.twitter.com/fmEfM5h8Gu
– Łukasz (@maldr0id) September 3, 2022
The first version of the SharkBot malware was first discovered by Cleafy in October 2021.
According to Cleafy's first analysis of SharkBot, SharkBot's main goal was "to initiate money transfers from compromised devices using the Automatic Transfer Systems (ATS) technique, bypassing multi-factor authentication mechanisms."
SOURCE: Reviews News