kukho into oyaziyo ngayo PhantomLance Backdoor? Iqela labahlaseli bebesebenzisa iGoogle Play ukusasaza i-malware esetyenziselwe ukubiwa idatha yabucala ukusukela ngo-2016.
I-Kaspersky Laboratories yabelane ngengxelo eneenkcukacha kwi-PhantomLance Trojan backdoor, ebizwa ngokuba luhlobo oluntsonkothileyo lwe-malware, akunzima nje ukuyibona kodwa kunzima ukuyiphanda.
Iiapps zikaGoogle Play Store ezosulelwe yiPhantomLance Backdoor beziba idatha ukusukela ngo-2016
UKaspersky unika ingxelo yokuba i-malware inokufumana ukufikelela kulo lonke ulwazi kwi-smartphone eyosulelekileyo:
Eyona njongo iphambili yePhantomLance kukuqokelela ulwazi olubuthathaka kwisixhobo sexhoba. I-malware inokubonelela abaqokeleli bayo ngedatha yendawo, iinkuni zokufowuna, imiyalezo ebhaliweyo, uluhlu lwezicelo ezifakiweyo, kunye nolwazi olupheleleyo malunga neselfowuni esosulelekileyo.
Ngaphaya koko, ukusebenza kwayo kunokwandiswa nangaliphi na ixesha ngokufaka nje iimodyuli ezongezelelweyo kwi-C&C server.
I-Malware kuGoogle Play apps
Ngexesha lophando, i-malware yafunyanwa kwii -apps ezidumileyo kunye nezinto eziluncedo ezivumela abasebenzisi ukuba batshintshe iifonti, basuse iintengiso, kwaye benze ukucoca inkqubo. Abaphuhlisi abasemva kwezi apps bakwazile ukudlula naluphi na uhlolo lokhuseleko kwiVenkile kaGoogle Play ngokuqala ngeenguqulelo ezingenalunya zeapps zabo.
Nje ukuba ii -apps zipapashwe, zikwazile ukongeza izinto ezikhohlakeleyo kamva ngohlaziyo, olungakhange lulawuleke kuGoogle Play Store. Abaphuhlisi baye bakwazi ukwenza iiprofayili ezizodwa kwi-GitHub ukwenza njengemithombo yophuhliso ethembekileyo.
Ezona njongo ziphambili ze-PhantomLance kuthiwa ingabasebenzisi baseVietnam. Nangona kunjalo, ii-apps ezosulelekileyo ziye zakhutshelwa kwezinye iindawo zehlabathi. I-Trojan idibaniswe neqela elibizwa ngokuba yi-OceanLotus, enembali yohlaselo olufanayo lwe-malware kwiinkqubo zokusebenza zedesktop. La maqela asoloko exhaswa ngamagosa aphakamileyo kwanoorhulumente.
Nangona uGoogle ezisusile ezi apps kwiPlay Store, zisafumaneka kwi-intanethi kwiiwebhusayithi ezahlukeneyo zokukhuphela i-APK kunye nezinye iivenkile zomntu wesithathu.
Kubonakala ngathi nokuba ufaka kuphela usetyenziso olusuka kuGoogle Play Store, alukakhuselekanga ngaphandle kokuba uqinisekisa ubunyani babaphuhlisi. Ukukhangela okukhawulezileyo kukaGoogle kunokuveza ulwazi oluninzi oluthembekileyo malunga nabaphuhlisi, kwaye ukuba kukho into ekhangeleka ithandabuzekayo kwiziphumo zokukhangela, ziphephe ezo setyenziso.
Ubume obuvulekileyo be-Android bunokusebenza ngokuchasene nayo, njengoko nabani na enokuthi abhalisele i-Play Store kwaye apapashe usetyenziso olubi.
Oku kuseyothusa kweyona nkqubo isebenzayo yehlabathi, nokuba yidesktop okanye iselfowuni. I-Android isetyenziswa kwi-2.500 yeebhiliyoni zezixhobo kwihlabathi jikelele, kwaye uGoogle uye wasilela ngokuphindaphindiweyo ukunika ubumfihlo obaneleyo kunye neziqinisekiso zokhuseleko kubasebenzisi kwiiapps ezisasazwa kwindawo yentengiso esemthethweni.
Ukuba unomdla kwimvelaphi yobuchwephesha bendlela esebenza ngayo i-malware kunye nophando olwenziwa ngasemva kweKaspersky Labs, funda ingxelo yabo eneenkcukacha apha.