Vhara shambadzo
News

Masque Attack inogona kuisa fake apps paIOS zvishandiso uye kuunganidza data remushandisi

Ondrej Holzman
20

Vasina hanya uye vasina hanya iOS vashandisi vanotarisana nenjodzi dzekuwedzera. Kwangopera vhiki mushure mekuwanikwa WireLurker malware kambani yekuchengetedza FireEye yakazivisa kuti yakawana rimwe gomba rekuchengetedza muPhones uye iPads rinogona kurwiswa uchishandisa nzira inonzi "Masque Attack". Inogona kutevedzera kana kutsiva maapplication aripo kuburikidza nekunyepera yechitatu-bato maapplication uye wozowana mushandisi data.

Avo vanodhawunirodha maapplication kumidziyo yeIOS chete kuburikidza neApp Store havafanirwe kutya iyo Masque Attack, nekuti iyo malware nyowani inoshanda nenzira yekuti mushandisi anodhawunirodha application kunze kwechitoro chepamutemo software, kune email yekunyepedzera kana meseji ( semuenzaniso, ine download link nyowani vhezheni yemutambo wakakurumbira Flappy Shiri, ona vhidhiyo pazasi).

Kana mushandisi angodzvanya pane chinongedzo chekubiridzira, vanoendeswa kune peji rewebhu vachivakumbira kuti vatore app inoita seFlappy Shiri, asi iri fake vhezheni yeGmail inodzosera iyo yekutanga app yakatorwa zviri pamutemo kubva kuApp Store. Iyo application inoramba ichiita nenzira imwechete, inongoisa Trojan bhiza mukati mayo, iyo inowana ese ega data kubva kwairi. Kurwiswa kunogona kunge kusingangoiti nezve Gmail chete, asiwo, semuenzaniso, mabhengi ekushandisa. Uye zvakare, iyi malware inogona zvakare kuwana iyo yepakutanga data yenzvimbo yezvikumbiro inogona kunge yakatodzimwa, uye kuwana, semuenzaniso, kanenge kakachengetedzwa zvitupa zvekupinda.

[youtube id=”76ogdpbBlsU” wide=”620″ height=”360″]

Shanduro dzemanyepo dzinogona kutsiva iyo yekutanga app nekuda kwekuti ivo vane imwechete yakasarudzika nhamba yekuzivikanwa iyo Apple inopa kune maapplication, uye zvakanyanya kuomera vashandisi kusiyanisa imwe kubva kune imwe. Iyo yakavanzika fake vhezheni yobva yarekodha e-mail mameseji, maSMS, nharembozha uye imwe data, nekuti iOS haipindire kune maapplication ane yakafanana chitupa data.

Masque Attack haigone kutsiva default iOS maapplication seSafari kana Email, asi inogona kurwisa zviri nyore akawanda maapplication akatorwa kubva kuApp Store uye inogona kutyisidzira hombe kupfuura iyo WireLurker yakawanikwa svondo rapfuura. Apple yakaita nekukurumidza kuWireLurker uye yakavharira zvitupa zvekambani kuburikidza iyo maapplication akaiswa, asi Masque Attack inoshandisa yakasarudzika manhamba ekuzivisa kupinza maapplication aripo.

Kambani yekuchengetedza FireEye yakaona kuti Masque Attack inoshanda paIOS 7.1.1, 7.1.2, 8.0, 8.1 uye 8.1.1 beta, uye Apple inonzi yakashuma dambudziko mukupera kwaChikunguru gore rino. Nekudaro, ivo vashandisi pachavo vanogona kuzvidzivirira panjodzi inogona nyore nyore - kungosaisa chero zvikumbiro kunze kweApp Store uye usavhure chero zvinonyumwira zvinongedzo mumae-mail uye mameseji. Apple haisati yataura nezve chikanganiso chekuchengetedza.

Kunobva: Chitendero cheMac, MacRumors
Source
Kukurukurirana
Misoro ,

Related



Vazhinji vanoverenga zvinyorwa

.