An samo malware a cikin maɓallin Arch (AUR)

Isaac

2 minti

malware

Kwanakin baya gano malware ko lambar ɓarna a cikin sanannen wurin ajiye kayan Arch Linux distro, musamman a Arch User Repository ko AUR kamar yadda aka sani. Kuma ba wani sabon abu bane, mun riga mun gani a wasu lokutan yadda wasu masu aikata laifuka a yanar gizo suka afkawa wasu sabobin inda aka shirya rabarwar Linux da kayan software don gyara su tare da wasu mugayen lambobi ko bayan fage kuma har ma an gyara wuraren bincike don masu amfani basu san wannan harin ba. kuma cewa suna girka wani abu mara tsaro a kwamfutocin su.

Da kyau, wannan lokacin yana cikin wuraren ajiya na AUR, don haka wannan lambar ƙirar za ta iya kamuwa da wasu masu amfani waɗanda suka yi amfani da wannan manajan kunshin a cikin ɓatarwarsu kuma wannan ya ƙunshi hakan lambar cutarwa. Ya kamata a tabbatar da fakitin kafin kafuwa, tunda duk da abubuwanda AUR ke bayarwa don tarawa da girkawa fakitoci a sauƙaƙe daga lambar tushe, ba yana nufin cewa dole ne mu amince da lambar asalin ba. Sabili da haka, duk masu amfani yakamata suyi taka tsantsan kafin girkawa, musamman idan muna aiki azaman sysadmins don babbar sabar ko tsarin ...

A zahiri, gidan yanar gizon AUR da kansa yayi gargadin cewa dole ne a yi amfani da abun cikin ƙarƙashin alhakin mai amfani, wanda dole ne ya ɗauki haɗarin. Kuma gano wannan matsalar ta malware ya tabbatar da haka, a wannan yanayin Karatu an canza shi a ranar 7 ga watan Yuli, wani kunshin da maraya ne kuma bashi da mai kulawa ya faru da mai amfani da ake kira xeactor wanda ya hada da umarni don zazzage lambar rubutu ta atomatik daga pastebin, wanda ya ƙaddamar da wani rubutun wanda kuma daga baya suka samar da girka tsarin tsari saboda haka zasu gudanar da wani rubutun daga baya.

Kuma ya bayyana cewa an sake inganta wasu fakitin AUR guda biyu iri ɗaya don dalilai na haram. A halin yanzu, waɗanda ke da alhakin repo sun kawar da kunshin da aka canza kuma sun share asusun mai amfani wanda ya aikata hakan, don haka da alama sauran fakitin zasu kasance masu aminci na wannan lokacin. Bugu da kari, don kwanciyar hankali na wadanda abin ya shafa, lambar sharri da aka hada bata yi wani abu mai mahimmanci a cikin injunan da abin ya shafa ba, kawai gwada (i, saboda kuskure a daya daga cikin rubutun ya hana mummunan mugunta) don ɗora wasu bayanai daga tsarin wanda aka cutar.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.