Avast wuxuu daaha ka qaaday khatarta sare ee ransomware iyo weerarrada Trojan ee RAT

LA avast sii daayay kiisii Warbixinta Hanjabaadda Q2021 XNUMX. Muddadan, Avast Threat Shaybaadhka ayaa arkay khatarta sii kordheysa ee shirkadaha iyo isticmaalayaasha in la weeraro Afduubka xogta y Trojans-ka fog ee gelitaanka fog (RATs). RAT-yadu waxay awood u leeyihiin in loo isticmaalo basaasnimada warshadaha, xatooyada aqoonsiga, dabagalka, iyo xataa weerarada diidmada adeegga (DDoS). Culimadu waxay sidoo kale arkeen hal-abuur cusub oo ku saabsan dembiyada internetka ee weligood sii kordhaya, oo leh habab cusub oo ay adeegsadaan xirmooyinka ka faa'iidaysiga iyo Trojan-ka bangiyada. flubot qalab mobile smart.

Ransomware iyo RAT-yada khatarta geliya shirkadaha

Horraantii rubucii ugu dambeeyay ee 2021, meeraha waxa uu goob joog ka ahaa weerar ballaaran oo silsilad sahay ah oo ka dhan ah iibiyaha software maamulka IT: kasey, iyo macaamiisheeda adeeg, oo wata ransomware Sodinokibi/REvil. Avast Threat Labs ayaa aqoonsaday oo xannibay weerarkan si fiican 2.400 dhibcood final. Ka dib ku lug lahaanshaha siyaasadeed ka dib, hawl wadeenada ransomware waxay sii daayeen furaha furaha iyo kaabayaasha Sodinokibi hoos ayay u dhaceen, iyada oo aan wax kala duwanaansho ah lahayn wareegga ilaa Sebtembar 9, wakhtigaas oo Avast ka digay oo xannibay kala duwanaansho gaar ah. Guud ahaan, rubucii ugu dambeeyay ee sanadkan, Avast Threat Labs waxa uu arkay heerka khatarta weerarrada madaxfurasho oo cirka isku shareeray. 5%marka la barbar dhigo muddada saddexda bilood ee labaad iyo ilaa 22% marka loo eego muddada saddexda bilood ee ugu horreysa ee 2021.

RAT-yadu waxay sidoo kale khatar ku ahaayeen shirkadaha iyo isticmaalayaasha, iyagoo noqday kuwo aad u baahsan rubucii ugu dambeeyay marka loo eego rubucii hore. Avast waxay aqoonsatay saddex nooc oo cusub oo RAT ah, kuwaas oo ku dhex jira jiir dilaa ah - xubno leh anti-VM, VBA RATkaas oo qarxiya albaabka amni darada ee Internet Explorer CVE-2021-26411 -, iyo version gaar ah roga RAT oo leh lambarka ururinta 2.0, kaas oo ku daray dabin sawireedka webcam, xatooyada faylka, iyo sifooyinka lidka ku ah AV.

"RAT-yadu waxay awood u leeyihiin inay khatar koowaad ku noqdaan shirkadaha, maadaama ay awood u leeyihiin in loo isticmaalo basaasnimada warshadaha," ayuu yidhi Jakub Kroustek, maamulaha cilmi-baarista malware ee Avast. Si kastaba ha ahaatee, RATs ayaa wali awood u leh in loo isticmaalo dadka isticmaala, tusaale ahaan, si ay u xadaan aqoonsigooda, ku daraan kombuyuutarkooda botnet ee weerarrada DDoS, iyo nasiib daro cagajuglaynta internetka, taas oo keeni karta dhaawac weyn oo gaar ah iyo amniga. maaddo”.

Kordhinta qaybinta rootkit-yada, ikhtiraacida xirmooyinka ka faa'iidaysiga iyo tredans bangiyada ee qalab mobile smarts

Avast Threat Shaybaadhka ayaa sidoo kale arkay horumar la taaban karo oo ku saabsan dhaqdhaqaaqa khatarta ah. rootkit Dhammaadkii rubucii ugu dambeeyay, kaas oo ka mid ahaa kororkii firfircoonida ee muddada saddexda bilood ah. Rootkit waa barnaamij xaasidnimo ah oo la sameeyay si loogu ogolaado marin-u-helka dembiilayaasha internetka oo leh oggolaansho nidaam aad u sarreeya. Rootkits inta badan waxay siiyan adeegyo malware-ka kale ee qaabka isticmaalaha.

Qayb kale oo ka mid ah software-ka xaasidnimada leh ee u muuqda inuu dib u soo laabanayo waa Exploit Kits, oo leh hal-abuuro muuqda oo weeraraya ammaan-darrada Google iyo Google chrome. Xirmada ka faa'iidaysiga ee aad u firfircoon ayaa ahayd FoxPurple, kaas oo Avast uu ka ilaaliyo, celcelis ahaan, in ka badan 6.000 oo qof maalin kasta. Rig iyo Magnitude ayaa sidoo kale xukumayay dhammaan muddada saddexda bilood ah. Xirmada ka faa'iidaysiga Underminer ayaa hurdada ka kacday ka dib muddo dheer oo aan firfircoonayn oo bilaabay inay faa'iido u yeelato HiddenBee iyo Amadey waqti ka waqti. Xirmooyinka ka faa'iidaysiga qaarkood, gaar ahaan PurpleFox iyo Magnitude, ayaa ku socda dib u habayn weyn, iyagoo si joogto ah u helaya astaamo cusub iyo awoodo ka faa'iidaysi.

Avast Threat Shaybaadhka ayaa sidoo kale kormeeray tabaha cusub ee shaashadaha moobilka ee smart, oo ay la socdaan flubot - Hanjabaadda fariinta qoraalka bangiga ee Android - iyada oo diiradda saareysa injineernimada caanka ah. Jakub Kroustek wuxuu iftiimiyay: "FluBot-kii ugu horreeyay ayaa faafay, isaga oo iska dhigaya adeeg qaybin si loogu dhiirrigeliyo dhibbanayaasha si ay u soo dejiyaan "app raadraaca" badeecadaha ay dhawaan lumiyeen ama ay tahay inay sugaan in la keeno. Saddexdii bilood ee u dambeeyay, Avast waxay aragtay heerar cusub oo faafitaanka malware-kan. Kiis muunad ah ayaa iska dhigaya duubayaasha codka. Kuwo kale waa ku dhawaaqida beenta ah ee sawiro shaqsiyeed oo soo bixi lahaa. Kala duwanaanshahan aadka u daran ayaa weli dhibbanaha ku soo jiidi doona bog been abuur ah, iyaga oo ku andacoonaya in dhibbanaha uu hadda ku dhacay FluBot, wakhti ay u badan tahay in aanay weli helin, oo ay ku khiyaaneeyeen inay ku rakibaan "daaw" cudurka "cudurrada" " " Tani "daawaynta" waxay noqon doontaa FluBot malware-kayaga si kastaba."

hargabkaBOT waxa ay sii ballaadhintay halkii ay markii hore diiradda saartay Yurub saddexdii bilood ee labaad (Spain, Italy, Germany) si ay markaas u gaadho Yurub inteeda kale iyo dalalka kale sida Australia iyo New Zealand.

Si aad u hesho macluumaad badan oo sifayn ah, booqo warbixinta dhammaatay.

Tommy Banks
Waan ku farxi doonaa inaan maqalno waxaad u malaynayso

jawaab ka tag

TechnoBreak | Soo jeedinta iyo dib u eegis
Logo
Ku xooji isqorista goobaha - guud ahaan
Gaadiidka iibka