- Android Trojans disguise themselves as legitimate services or apps to steal data and money and to control the device through accessibility and other critical permissions.
- Families such as Android.Phantom, Triada, RatOn, BRATA and Joker use modified games, tampered firmware and fake banking apps to infect mobile phones at scale.
- Unusual battery and data usage, unknown apps, premium charges and overheating are common signs of a malware infection on Android.
- Downloading only from official sources, reviewing permissions, keeping the system updated and using a reliable security app greatly reduces the risk of falling for these Trojans.
Android Trojans that pose as legitimate services have become one of the biggest threats to anyone who uses a mobile phone to chat, play games, shop or manage their bank accounts. We are not talking about annoying viruses that merely show ads, but about highly advanced malware families able to control the device remotely, steal money, spy on conversations and even wipe the phone without leaving a trace.
In recent years, various campaigns have been detected that use fake apps, modified firmware, modified games or pirated versions of popular apps to deliver these kinds of Trojans: Android.Phantom, Triada, BRATA, RatOn, Joker and banking Trojan variants that abuse accessibility services. They all have one thing in common: they disguise themselves as something apparently harmless so that the user lowers their guard and grants them the critical permissions that open the door to the whole system. To detect deep compromises such as tampered firmware, specialised tools are recommended (see: Use MVT to find out whether your Android has been hacked).
What is an Android Trojan and why is it so dangerous?
A Trojan horse on Android is a type of malware that disguises itself as a useful app or file to trick the user into installing it voluntarily. Unlike other types of malware, a Trojan does not usually spread by itself; it exploits the user's trust in an app, game, link or service that they believe they are adding to the system.
On Android, these Trojans can pose as banking apps, productivity tools, media players, games, messaging apps or even system updates. Once inside, the goal is usually to steal credentials, financial data or SMS verification codes, hijack social media accounts, send spam or use your phone as part of a network of compromised devices.
To achieve this, many of these malware programs abuse Android's Accessibility Services, a feature designed to help people with visual or mobility impairments, but one that also lets an attacker read what is on the screen, press virtual buttons, grant itself new permissions and install other apps without user intervention.
In addition, modern Trojans often include extra modules that can replace browser links, block notifications, record the screen, run a reverse proxy server or copy NFC data to carry out advanced fraud. The result is that your mobile phone can end up as just a tool in the hands of cybercriminals.
Android.Phantom: the Trojan that uses machine learning and hides in games and mods
One of the most striking recent families is Android.Phantom, discovered by researchers at the cybersecurity laboratory of Doctor Web. This Trojan is distributed mainly through modified popular games and apps, and it stands out because it incorporates machine learning techniques to automate its malicious activity.
Android.Phantom can operate in two different modes, activated by commands from a remote command-and-control server: phantom mode and signaling mode. Thanks to these two operating profiles, the malware can both generate ad fraud and use the infected device for more serious activities, such as distributed denial-of-service (DDoS) attacks or the exchange of confidential data.
In phantom mode, the Trojan loads web content in the background and simulates clicks on malicious ads using automated scripts that rely on TensorFlowJS, a JavaScript machine learning framework. All of this happens without the user seeing anything on the screen, which makes it very hard to notice that something is wrong.
In signaling mode, Android.Phantom can exchange data, audio and video in real time without needing to install any new programs. In this way, a compromised phone can become an active node within an abuse infrastructure, for example to coordinate attacks, relay content or serve as a base for other online criminal activity.
The main danger of this family is not only the ad fraud, but the large-scale use of infected phones as tools for sending spam, taking part in online scams, launching DDoS attacks or stealing personal information. Although many of these actions are silent, they usually leave clues: abnormally high battery consumption, an increase in mobile data traffic with no clear explanation and much slower performance.
According to Doctor Web, the Android.Phantom distribution campaign mainly affects Xiaomi devices. The Trojan was found in apps available in the official Mi Store, uploaded by a developer identified as Shenzhen Ruiren Network. In many cases, the apps were first published without malicious code and a later update introduced the Trojan. This builds trust among users before the infection is triggered.
In addition, Android.Phantom variants have been found spreading through modified versions of Spotify that promise free premium features. These modified versions are distributed through Telegram channels and unofficial pages, a classic way of luring those who want to get around the restrictions of official apps.
Experts strongly recommend not downloading modified APKs from websites or Telegram channels of doubtful origin, keeping the antivirus on the phone up to date and watching the device's behaviour. If an infection is suspected, it is best to boot the phone into Safe Mode, manually review the list of installed apps, uninstall anything suspicious and turn on Google Play Protect to run a security scan.
Triada: the Trojan that comes pre-installed in the firmware and controls all your apps
If Android.Phantom already sounds worrying, the Triada family goes further. First discovered in 2016 by Kaspersky experts, Triada marked a turning point in advanced mobile malware for Android. This threat injects itself into almost every process running on the device, lives mainly in RAM and is able to interfere with many applications at once.
Over time, Google and manufacturers hardened the system's security, even restricting modification of system partitions for users with root privileges. However, the actors behind Triada refined their approach and began infecting firmware in the supply chain, that is, before the phone reaches the end user.
In its modern version, identified as Backdoor.AndroidOS.Triada.z, the Trojan comes pre-installed in the system partitions of counterfeit Android phones sold on online marketplaces. Because it is embedded at such a low level, removing it is practically impossible without reflashing official firmware or replacing the device.
A key feature of this variant is that it can attack any app running on the phone. Each time the user opens an app, Triada injects a copy of itself and can act as needed. It also includes dedicated modules for Telegram, WhatsApp, Instagram, browsers, TikTok, Facebook, LINE, Skype and cryptocurrency apps, among many others.
For example, in Telegram it downloads two modules: one that connects daily to the command-and-control server to send the victim's phone number and full authentication data (including the access token), and another that filters all messages, interacts with a bot and deletes notifications about new logins so that the user suspects nothing.
In Instagram, Triada looks for active session cookies and sends them to the attackers, allowing them to take full control of the account. In browsers such as Chrome, Opera or Firefox, the module connects to the command server over TCP and redirects legitimate links to advertising sites or, if the attackers so decide, to phishing pages designed to steal credentials.
In WhatsApp, the Trojan has two modules: one that sends session data to the server every few minutes, making it easier to access the account, and another that intercepts the functions for sending and receiving messages. In this way, the malware can send messages on the victim's behalf and delete them immediately, making the malicious activity hard to detect.
In apps such as LINE or Skype, the behaviour is similar: it collects tokens, cookies and internal data that let the criminals impersonate the user from other devices. In TikTok, Triada extracts information from cookies and the data needed to interact with the platform's API.
But it does not end there: Triada includes an SMS module able to read all incoming messages, extract codes (e.g. bank verification codes), automatically reply to certain SMS messages to subscribe the victim to paid services and send arbitrary messages if the server so orders. Another companion module disables Android's built-in protection against sending premium SMS messages without consent.
It also includes a call module integrated with the phone app, which already implements part of the functionality for number spoofing. Although it appears to be still under development, it aims to let outgoing calls display a number different from the real one, making new scams easier.
Another very dangerous component is the reverse proxy, which turns the phone into an intermediary server and gives attackers access to arbitrary IP addresses "as if" the traffic came from the victim's device. This lets them hide the real origin of various illegal online activities.
For cryptocurrency users, Triada includes a clipper that monitors the clipboard and automatically replaces copied wallet addresses with addresses controlled by the attackers. In addition, a cryptocurrency stealer analyses the victim's activity and replaces addresses anywhere in the interface, even swapping buttons or images with QR codes to redirect funds. It is estimated that with these methods the criminals have managed to steal hundreds of thousands of rand in crypto assets.
Investigations show that, on affected devices, the firmware name differs from the official one by just one character. For example, where the official firmware is TGPMIXM, the infected fake appears as TGPMIXN. Everything points to a compromise at some stage of the supply chain, with shops selling phones that look new without knowing they were tampered with at the factory.
The best defence against Triada is to buy phones only from authorised distributors, check the firmware, install a reliable Android security solution and follow good practices. If Triada is detected, the recommended step is to install official firmware or contact technical support, review all messaging and social media accounts, close any suspicious active sessions and change passwords with the help of a secure password manager.
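The one-character firmware difference described above can be checked mechanically. The following is an added example, not code from the original article or from any vendor: it flags a reported firmware name that is within one edit of a known official name. The function names, the device inventory and the idea of keeping an allowlist of official names are assumptions; only TGPMIXM and TGPMIXN come from the article.

```python
# Allowlist of official firmware names. Only TGPMIXM is taken from the article;
# in practice this set would be filled from the vendor's published names (assumption).
OFFICIAL_NAMES = {"TGPMIXM"}


def edit_distance(a, b):
    """Levenshtein distance: substitutions, insertions and deletions each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute or match
        prev = cur
    return prev[-1]


def classify_firmware(reported, official_names=OFFICIAL_NAMES, max_distance=1):
    """Return (verdict, closest official name or None).

    official  - exact match with an allowlisted name
    lookalike - not official, but within max_distance edits of an official name
    unknown   - nothing similar on the allowlist
    """
    reported = reported.strip()
    if reported in official_names:
        return ("official", reported)
    best = min(official_names, key=lambda n: edit_distance(reported, n), default=None)
    if best is not None and edit_distance(reported, best) <= max_distance:
        return ("lookalike", best)
    return ("unknown", None)


def audit_inventory(inventory):
    """Map each device label to its verdict; lookalikes are the ones to pull aside."""
    return {device: classify_firmware(name)[0] for device, name in inventory.items()}


# Constructed inventory: device label -> firmware name as shown by the phone.
SAMPLE_INVENTORY = {
    "phone-01": "TGPMIXM",   # official name from the article
    "phone-02": "TGPMIXN",   # the infected fake's name from the article
    "phone-03": "TGPMIX",    # constructed: one character missing
    "phone-04": "QRSTUVW",   # constructed: unrelated name
}

if __name__ == "__main__":
    for device, verdict in audit_inventory(SAMPLE_INVENTORY).items():
        print(device, verdict)
```

A "lookalike" verdict is a reason to inspect the device with a security tool or reflash official firmware, not proof of infection on its own.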
RatOn, BRATA and other banking Trojans that pose as services
Alongside Android.Phantom and Triada, there are other families of Android banking Trojans focused specifically on stealing money and hijacking financial accounts. Three names to remember are RatOn, BRATA and Joker, along with various malware variants that disguise themselves as apps from popular services, banks or platforms.
RatOn is a very recent Trojan designed from scratch for banking fraud. It began as a tool for NFC relay attacks (using techniques such as Ghost Tap), but has evolved into a remote access trojan (RAT) with automated transfer system (ATS) capabilities. This means it can carry out complete bank transfers automatically, without the user touching the screen.
This malware combines overlay attacks (fake screens that cover legitimate apps), automated interface navigation, NFC relay and abuse of accessibility to control the phone. It is designed to take over accounts in cryptocurrency apps such as MetaMask, Trust Wallet, Blockchain.com or Phantom, and it can automate money transfers through banking apps such as George Česko, widely used in the Czech Republic.
RatOn is distributed through fake pages imitating the Google Play Store, where a version called “TikTok 18+” or similar is offered. Once the user installs the “dropper” app, it asks for permission to install apps from unknown sources and downloads the second and third stages of the malware, including a variant of NFSkate (also known as NGate), based on the legitimate tool NFCGate.
The Trojan requests Device Administrator, accessibility, read and write contacts, and system settings management permissions. This allows it to grant itself new permissions, download additional components, record the screen, launch and control banking and cryptocurrency apps, and even display fake ransom notes that lock the device and accuse the user of serious crimes to pressure them into opening a cryptocurrency app and making a payment.
Among the commands RatOn supports are commands to send fake app notifications (send_push), change the screen lock timeout (screen_lock), open WhatsApp or Facebook, change the list of targeted financial apps (app_inject), send SMS via accessibility (send_sms), download and run NFSkate (nfs), start an ATS transfer (transfer), lock the device (lock), create contacts (add_contact) and start or stop screen recording sessions (record, display).
BRATA, for its part, is an Android banking Trojan discovered in 2019 that has added increasingly powerful capabilities over time. It is distributed through a dropper that helps it evade antivirus software, and it shows a continued interest in banks and financial institutions in different countries.
Recent BRATA variants include a "kill switch" that forces the device to perform a factory reset in two cases: after successfully completing a bank fraud and when it detects that it is running in an analysis or emulation environment. This costs the user time trying to understand what happened, while the attackers consolidate the theft.
In addition, BRATA requests GPS location permissions. Apparently this prepares for future features such as targeting victims in specific countries or attempting particular cash-out methods (e.g. cardless cash withdrawal). At the same time, it has improved its obfuscation techniques and the dynamic downloading of its malicious payload to avoid detection by security solutions.
Another well-known name is Joker, malware that acts as spyware and as a silent subscriber to premium services. Joker focuses on collecting SMS messages, contact lists and device information, while also subscribing the phone to paid SMS services without the owner's consent, causing unexpected charges on the bill.
Joker remains one of the most common mobile malware families, mainly because it is distributed through malicious apps hosted on Google Play: messaging, health and translation apps, and many other categories. Although Google removes these apps once they are detected, they often manage to reach thousands of downloads, and the authors republish new apps with the same malicious code.
Beyond these specific families, various studies have identified banking Trojans that pose as legitimate services (utilities, productivity apps, official banking apps, etc.). Once launched, these Trojans check whether the device is real and then request accessibility and administration permissions; from there they take full control to read the screen, press buttons, fill in forms, create fake login screens for banking or cryptocurrency apps and send all the information to a remote server.
The attackers can then update the malware, erase its traces and silence notifications and sounds so that the user does not see security alerts from their bank or from Google, and spread the infection to new regions, starting in areas such as Southeast Asia but potentially expanding worldwide. For examples of other threats that work in a similar way, there are analyses of specific families such as Auto-Color.
Other types of malware on Android and how they get onto your phone
Although banking Trojans grab most of the headlines, Android also suffers from other types of malware that often arrive disguised as services or utilities. Among the most common are adware, spyware, ransomware and malicious cryptomining.
Adware is unwanted software that fills your phone with ads, usually using deceptive tricks to install itself alongside other apps or by posing as a legitimate tool. Besides being annoying, it can redirect traffic to dangerous websites and consume data and battery.
Spyware focuses on secretly monitoring the user's activity: which apps they use, who they talk to, what they type and which sites they visit. All this information is sent to the attackers, who can use it for identity theft, extortion or sale on black markets.
Ransomware on Android usually involves blocking access to the device or encrypting files, then demanding payment in cryptocurrency to return control to the user. Since mobile phones hold personal photos, private conversations and often work data, this type of attack can be very damaging, and without backups it is hard to recover the information.
Malicious cryptomining, or cryptojacking, involves installing software that uses the phone's processor to mine cryptocurrencies for the attackers. The worst part is that it often goes unnoticed: the only obvious signs of the attack show up in the phone's hardware. Symptoms include a fast-draining battery, overheating and poor performance. Meanwhile, the attacker generates income at the expense of the device's resources.
In many cases, the infection gets in through the browser or through downloaded apps. In the browser, attackers can exploit vulnerabilities in web technologies or display malicious ads that run code without the user doing anything other than visiting a compromised page. In apps, the usual tactic is the Trojan disguised as a legitimate app, which may work as advertised but, "behind the scenes," steals data, installs other apps or opens the door to additional malware. If you see a message saying that you have a virus when you enter a website, that is a typical sign of these campaigns.
There are other routes too: cheap phones with already-infected firmware, emails with malicious attachments, phishing campaigns that push users to download fake “patches” or “updates”, and tech support scams that ask users to install “help” tools that are actually Trojans.
Signs that your Android device may be infected by a Trojan or malware
The most dangerous thing about many of these Trojans is that they are designed to go unnoticed for as long as possible. Even so, there are several signs that may indicate that something unusual is happening with your phone and is worth investigating.
One of the most common indicators is the constant appearance of pop-up windows and ads, even when you are not browsing or when you are using apps that never showed ads before. If tapping those ads takes you to strange or shady websites, it is very likely that adware or another malicious component has been installed.
Another sign is a sudden, unexplained increase in mobile data usage. Many Trojans need to send information to their servers (session data, keylogger output, screenshots, etc.) or display ads, which increases outgoing traffic. If your data bill goes up for no reason, something may be running in the background without your consent.
You should also be suspicious if you start seeing unusual charges on your carrier bill, especially those related to premium SMS messages or calls to premium-rate numbers. This usually indicates that malware has managed to silently send messages or place calls to paid services to generate revenue for the attackers.
Accelerated battery drain and overheating are another common symptom. Malware often makes heavy use of the CPU, the network and sometimes the GPU (in the case of cryptomining or screen recording), which makes the phone heat up and drastically reduces battery life. If the phone gets hot even when idle, it is worth checking.
The presence of apps you do not remember installing is also a serious sign. Some Trojans automatically download other apps or hide behind generic names such as “service” or “updater”. If you see anything suspicious in the app list, or unknown icons, it is best to check it (for example, by reviewing recently installed apps or recent activity).
Finally, pay attention to behaviour such as the phone turning on WiFi or mobile data by itself. If your contacts tell you that they are receiving strange messages from your number, or if you notice major slowdowns for no clear reason, these are all signs that an app may be controlling the device behind your back.
How to protect your Android from Trojans that pose as services
The good news is that, with a few good security habits backed by a reliable protection app, you can greatly reduce the risk of infection by Trojans and other malware on Android. There is no need to be paranoid, but you should think critically and avoid tapping on everything that moves.
First, it is essential to install apps only from trusted sources such as the Google Play Store or, where appropriate, the manufacturer's official app stores. Even so, you should stay alert, because malicious apps sometimes slip through, but the risk is much lower than when downloading APKs from unknown websites, forums, Telegram channels or links in SMS messages and social networks.
Before installing an app, it is advisable to review its permissions carefully. If a calculator app asks for access to contacts, SMS messages, calls or accessibility services, that is a red flag. The same goes for a flashlight app that wants device administrator privileges. Always ask yourself, "Does it really need this permission to work?" If the answer is no, it is better to look for an alternative.
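The permission review described above can be partly automated when the APK's manifest is available as decoded XML text. The following is an added example, not code from the original article: it lists the critical permissions the article mentions (accessibility, device administrator, installing other apps, system settings, SMS, contacts, calls) and flags combinations built around accessibility. The combination labels, verdict strings and both sample manifests are constructed for illustration; the permission names are standard Android ones.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"  # namespace of android:* attributes
P = "android.permission."

# Permissions the article treats as critical, with a short description.
SENSITIVE = {
    P + "BIND_ACCESSIBILITY_SERVICE": "offers an accessibility service",
    P + "BIND_DEVICE_ADMIN": "offers a device administrator",
    P + "REQUEST_INSTALL_PACKAGES": "can install other apps",
    P + "WRITE_SETTINGS": "can change system settings",
    P + "READ_SMS": "reads SMS", P + "RECEIVE_SMS": "receives SMS",
    P + "SEND_SMS": "sends SMS", P + "CALL_PHONE": "places calls",
    P + "READ_CONTACTS": "reads contacts", P + "WRITE_CONTACTS": "writes contacts",
}
SMS = {P + "READ_SMS", P + "RECEIVE_SMS", P + "SEND_SMS"}
ACC = P + "BIND_ACCESSIBILITY_SERVICE"

# (label, permissions that must all be present, set of which at least one must be present)
COMBOS = [
    ("accessibility + sideloading", {ACC, P + "REQUEST_INSTALL_PACKAGES"}, set()),
    ("accessibility + SMS", {ACC}, SMS),
    ("accessibility + device admin", {ACC, P + "BIND_DEVICE_ADMIN"}, set()),
]


def declared_permissions(manifest_xml):
    """Return (package, permissions) from decoded AndroidManifest.xml text."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for el in root.iter(tag):
            if el.get(ANDROID + "name"):
                perms.add(el.get(ANDROID + "name"))
    # Accessibility services and device-admin receivers are not requested with
    # <uses-permission>; they appear as components guarded by a BIND_* permission.
    for tag in ("service", "receiver"):
        for el in root.iter(tag):
            if el.get(ANDROID + "permission"):
                perms.add(el.get(ANDROID + "permission"))
    return root.get("package", "?"), perms


def audit_manifest(manifest_xml):
    """Summarise sensitive permissions and risky combinations for one app."""
    package, perms = declared_permissions(manifest_xml)
    sensitive = sorted(p for p in perms if p in SENSITIVE)
    combos = [label for label, all_of, any_of in COMBOS
              if all_of <= perms and (not any_of or any_of & perms)]
    verdict = "high risk" if combos else ("review" if sensitive else "ok")
    return {"package": package, "sensitive": sensitive, "combos": combos, "verdict": verdict}


# Constructed sample: a "calculator" that reads SMS, installs apps and offers an accessibility service.
CALCULATOR = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.calc">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <application>
    <service android:name=".Helper"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>
"""

# Constructed sample: a "flashlight" that registers a device-admin receiver.
FLASHLIGHT = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.torch">
  <uses-permission android:name="android.permission.CAMERA"/>
  <application>
    <receiver android:name=".Admin" android:permission="android.permission.BIND_DEVICE_ADMIN"/>
  </application>
</manifest>
"""

if __name__ == "__main__":
    for sample in (CALCULATOR, FLASHLIGHT):
        print(audit_manifest(sample))
```

The verdict is a triage hint: legitimate accessibility tools and password managers also use some of these permissions, so the question from the article ("Does it really need this permission to work?") still has to be answered per app.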
Another basic pillar is keeping Android and your apps updated. Updates fix vulnerabilities that many Trojans exploit to escalate privileges or bypass restrictions. Leaving your system outdated is like locking the door but leaving the window open for attackers.
It is also recommended to have a security or antivirus app for Android from a trusted vendor. These tools detect and remove many known threats, warn you about suspicious behaviour, scan browser links for phishing and let you run on-demand scans if you suspect that something is wrong.
In addition, some basic guidelines help protect the device: do not open attachments from unknown emails, avoid tapping strange links even if they seem to come from friends, be wary of calls asking for bank details or passwords, and do not install "updates" or "optimizers" that arrive via unexpected messages.
If you suspect that your Android device may be infected, the best thing to do is install an anti-malware solution and run a full scan. In addition, by rebooting into safe mode you can uninstall suspicious apps without them running. In severe cases (for example, ransomware or persistent Trojans), it may be necessary to factory reset the device. That is why regularly keeping backups of photos, chats and documents is essential.
The landscape of Android Trojans posing as legitimate services is becoming increasingly complex, with families such as Android.Phantom, Triada, RatOn, BRATA and Joker exploiting everything from modified games and pirated versions of popular apps to compromised firmware and fake banking services. Understanding how they work, what symptoms they cause and which security habits to apply every day is the best way to protect yourself and keep using your phone with peace of mind without becoming the next victim.
