Kimanin masu amfani da Android miliyan goma ne suka kamu da cutar shahararren masarrafar karanta lambar "Barcode Scanner", bayan halattaccen aikace-aikacen ya zama malware. Masu bincike daga kamfanin tsaro na Malwarebytes ne suka fallasa mummunar halayyar software ɗin, waɗanda suka ba da rahoto ga Google kuma sakamakon haka an cire aikace-aikacen daga shagon yanar gizo.
A ƙarshen Disambar da ta gabata ne lokacin da masu bincike suka fara karɓar kira don neman taimako. Masu amfani da na'urar Android. Kamfanin ikirarin waɗancan masu amfani suna ganin tallace-tallace suna ɓullowa daga wani wuri ta hanyar tsoffin masu bincike. Abu mafi ban mamaki game da tallan da ke bautar annoba shine babu ɗayansu wanda ya girka ƙa'idodin kwanan nan. Koyaya, duk ayyukan da suka girka tun daga lokacin sun zo kai tsaye daga Google Play.
Tallace-tallacen ya ci gaba har sai daya daga cikin wadanda suka cutar da cutar ya gano cewa tallace-tallacen na zuwa ne daga wata shigar da aka dade ana sanyawa mai suna Barcode Scanner
Masu binciken sun kara ganowa da sauri, bayan mai amfani ya fadakar kuma Google ya cire aikin daga shagon. Yawancin masu amfani sun yi amfani da app ɗin akan wayoyin su na dogon lokaci, gami da mai amfani ɗaya wanda ya girka shi tsawon shekaru.
Bayan sabuntawa da aka fitar a watan Disamba, aikace-aikace Scanner na Barcode ya tafi daga abin da ya kamata- an ba da mai karanta lambar QR da janareta na lambar ƙira, mai amfani mai amfani don na'urorin hannu, don kammala malware. Kodayake Google ya riga ya cire wannan aikace-aikacen, amma kamfanin tsaro ya yi imanin cewa sabuntawa ya faru ne a ranar 4 ga Disamba, 2020, wanda ya canza ayyukan aikace-aikacen don aika sanarwa ba tare da sanarwa ba.
Duk da yake yawancin masu haɓakawa sun haɗa tallace-tallace a cikin software don bayar da sigar kyauta, kuma aikace-aikacen da aka biya ba sa nuna tallace-tallace, a cikin 'yan shekarun nan, canjin ya faru dare ɗaya. Aikace-aikacen kayan amfani masu amfani ga adware suna zama gama gari.
“SDK na talla za su iya zuwa daga kamfanoni na ɓangare na uku kuma su zama tushen samun kuɗi ga mai haɓaka aikace-aikacen. Yanayi ne mai nasara-inji, ”Malwarebytes ya lura. “Masu amfani suna samun aikace-aikacen kyauta, yayin da masu haɓaka app da masu tallata tallan SDK ke biya. Amma kowane lokaci, sannan, Kamfanin Ads SDK na iya canza wani abu kuma tallace-tallacen na iya fara yin ɗan rikici.
Wasu lokuta wasu kamfanoni na iya shiga ayyukan "m" na talla, amma wannan ba haka bane game da wannan mai karanta lambar. Madadin haka, masu binciken sun ce an shigar da mummunar lambar a cikin sabuntawar Disamba kuma an ɓoye ta ɓoye don kaucewa ganowa. An kuma sanya hannu kan sabuntawar tare da takaddar shaidar tsaro wacce aka yi amfani da ita a cikin sifofin Android na baya.
“A’a, a game da Barcode Scanner, an ƙara lambar ƙira wacce ba ta cikin sigar aikin da ta gabata. Hakanan, lambar da aka kara tayi amfani da obfuscation mai karfi don kaucewa ganowa. Don tabbatar da cewa ya fito ne daga mai haɓaka aikace-aikacen ɗaya, mun tabbatar cewa an sanya sa hannu ta hanyar takaddar dijital iri ɗaya kamar sigogin tsabta da suka gabata ”.
Gaskiyar cewa Google ya cire aikin daga Google Play ba yana nufin cewa aikace-aikacen zai ɓace daga na'urorin da abin ya shafa ba. Wannan shine ainihin matsalar da masu amfani waɗanda suka girka Barcode Scanner suka fuskanta. Don kawo ƙarshen shi, dole ne masu amfani su cire aikace-aikacen ɓarnatar yanzu da hannu.
Masu bincike ba su iya tantance takamaiman tsawon lokacin da masarrafar karatun lambar yabo ta kasance halal mai ƙa'ida a kantin Google Play kafin ya zama mai cutarwa.
“Dangane da yawan girke-girke da ra'ayoyin mai amfani, munyi imanin cewa ya kasance shekara da shekaru. Yana da ban tsoro cewa da ɗaukakawa sau ɗaya, aikace-aikace na iya zama mai cutarwa yayin da yake ƙarƙashin radar Google Play Protect. Yana ba ni mamaki cewa mai haɓaka ƙa'ida tare da sanannen ƙa'idodin ƙa'ida zai iya juya shi zuwa malware. Shin shirin ne daga farko, don samun aikin banza, yana jiran isa bayan ya kai ga shahara? Ina tsammanin ba za mu taba sani ba, ”in ji rahoton masu binciken.
Source: https://blog.malwarebytes.com/
A yanzu haka, idan na bincika Shagon Barcode Play Store, yana nuna mini aikace-aikacen “Barcode Scanner” guda biyu daga masu haɓakawa daban-daban. Dole ne a nuna marubucin saboda ba shi yiwuwa a gano manhaja da suna.
Da kyau, lafiya, na aika tallace-tallace, bisa ga rubutun: ba m. Abin da app ba?
Lokacin da na girka wani app koyaushe nakan bincika idan ya kawo tallace-tallace da izini a cikin «Bayani. na app ».
Da alama ba za ku iya karantawa ba saboda labarin ya bayyana shi sosai. Abu daya shine talla, kamar yadda yake a cikin yawancin aikace-aikacen, wanda ba yawanci bane yake shigowa lokaci zuwa lokaci kuma wani abu shine abin da suke faɗi a cikin labarin, wanda ya zama tallan kutsa kai sosai, har zuwa matakin da aka bayyana daidai saboda wannan ƙari na talla.
"Wasu lokuta wasu kamfanoni na iya aiwatar da ayyukan talla" na ta'adi ", amma ba haka lamarin yake ba da wannan mai karanta lambar."
Kuma ya ci gaba:
"Maimakon haka, masu binciken sun ce an shigar da mummunar lambar a cikin sabuntawar Disamba kuma an ɓoye ta sosai don guje wa ganowa."
Menene matsalar.
Na gode da lokacinku ... koda kuwa bashi da amfani.