More than 700 malicious packages that hijack cryptocurrency transfers found in RubyGems

A few days ago the ReversingLabs researchers published, in a blog post, the results of an analysis of typosquatting in the RubyGems repository. Typosquatting is used to distribute malicious packages whose names are chosen so that an inattentive developer either makes a typo or fails to notice the difference.

The study uncovered more than 700 packages whose names resemble those of popular packages and differ only in small details, for example by replacing similar-looking letters or by using underscores instead of hyphens.

To get around conventional defences, malicious actors keep looking for new attack vectors. One such vector, known as a software supply chain attack, is steadily gaining popularity.

Of the packages examined, more than 400 were found to contain components with suspected malicious functionality. Specifically, each of them carried a file named aaa.png, which contained executable code in PE format.

About the packages

The malicious packages included a PNG file that, instead of an image, contained an executable for the Windows platform. The file was built with the Ocra Ruby2Exe utility and consisted of a self-extracting archive holding a Ruby script and a Ruby interpreter.

When the package was installed, the png file was renamed to exe and launched. When run, it created a VBScript file and added it to autostart.
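
The file described above passes a casual review because its name says PNG while its content starts with a PE header. The following added example (written for this page; it is not ReversingLabs' code and not part of any real gem) scans an unpacked gem directory and flags any file whose extension claims an image but whose leading bytes belong to an executable format. The directory it scans, the file names and the header bytes are all constructed inline for the demonstration; a real check would run the same scan over the tree produced by `gem unpack` before installation.

```ruby
require 'tmpdir'
require 'fileutils'

# Magic numbers for executable formats the scanner treats as "not an image".
# The "MZ" header is the PE/DOS stub that the aaa.png file on the page carried.
EXEC_MAGIC = {
  pe:     "MZ".b,
  elf:    "\x7FELF".b,
  macho:  "\xCF\xFA\xED\xFE".b,
  script: "#!".b,
}.freeze

# Genuine image headers, used to report what a well-formed file looks like.
IMAGE_MAGIC = {
  png:  "\x89PNG\r\n\x1A\n".b,
  jpeg: "\xFF\xD8\xFF".b,
  gif:  "GIF8".b,
}.freeze

IMAGE_EXTS = %w[.png .jpg .jpeg .gif].freeze

# Classify a file by the first bytes of its content, ignoring its name.
def header_type(bytes)
  EXEC_MAGIC.each { |type, magic| return type if bytes.start_with?(magic) }
  IMAGE_MAGIC.each { |type, magic| return type if bytes.start_with?(magic) }
  :unknown
end

# True when the extension promises an image but the content is an executable.
def disguised_executable?(path, head)
  IMAGE_EXTS.include?(File.extname(path).downcase) && EXEC_MAGIC.key?(header_type(head))
end

# Walk an unpacked gem directory and return the offending files (relative paths).
def scan_gem_tree(root)
  Dir.glob(File.join(root, '**', '*')).sort.each_with_object([]) do |path, hits|
    next unless File.file?(path)
    head = File.binread(path, 16) || ''.b   # nil on an empty file
    hits << path.delete_prefix(root + '/') if disguised_executable?(path, head)
  end
end

# Constructed sample tree (not a real gem): a genuine PNG header, a PE header
# saved under a .png name, and an ordinary Ruby source file.
def build_sample_gem(dir)
  FileUtils.mkdir_p(File.join(dir, 'lib'))
  File.binwrite(File.join(dir, 'lib', 'logo.png'), IMAGE_MAGIC[:png] + "\x00\x00\x00\x0DIHDR".b)
  File.binwrite(File.join(dir, 'lib', 'aaa.png'), "MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00".b)
  File.write(File.join(dir, 'lib', 'sample.rb'), "puts 'hello'\n")
  dir
end

# Builds the sample tree in a temporary directory and returns the scan result.
def demo
  Dir.mktmpdir('gemscan') { |dir| scan_gem_tree(build_sample_gem(dir)) }
end

puts demo.inspect if $PROGRAM_NAME == __FILE__   # => ["lib/aaa.png"]
```

The check deliberately keys on content rather than name, because the rename to .exe happens only after installation; a file listing or a `.gemspec` review would show nothing unusual. It complements, rather than replaces, reviewing the gem's `extensions` entries, since that is where install-time code that performs such a rename is declared.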

The malicious VBScript ran in a loop, scanning the clipboard for content resembling a cryptocurrency wallet address; when one was detected, it replaced the wallet address in the hope that the user would not notice the difference and would transfer funds to the wrong wallet.

Typosquatting is of particular interest. In this type of attack, malicious packages are deliberately given names that resemble popular packages as closely as possible, in the hope that an unsuspecting user will mistype the name and unknowingly install the malicious package instead.

The study showed that it is not difficult to add dangerous packages to one of the most popular repositories, and that these packages can go unnoticed despite a significant number of downloads. It should be noted that the problem is not specific to RubyGems and applies equally to other well-known repositories.

For example, last year the researchers found in the NPM repository a malicious package, bb-builder, that used a similar technique to run an executable that stole passwords. Before that, a backdoor was found in the popular event-stream NPM package, and the malicious code was downloaded around eight million times. Malicious packages are also found periodically in the PyPI repository.

The packages were tied to two accounts through which, from February 16 to February 25, 2020, 724 malicious packages were published on RubyGems, with a combined total of about 95,000 downloads.

The researchers notified the RubyGems maintainers, and the identified malware packages have already been removed from the repository.

This kind of attack threatens organizations indirectly, by targeting the third-party vendors that supply them with software or services. Since such vendors are usually seen as trusted publishers, organizations tend to spend less time verifying that the packages they use are free of malicious code.

Among the identified packages, the most popular was atlas-client, which at first glance is almost indistinguishable from the legitimate atlas_client package. The malicious package was downloaded 2,100 times (the legitimate package was downloaded 6,496 times, i.e. users picked the wrong one in roughly 25% of cases).

The remaining packages were downloaded on average 100-150 times and were disguised as other packages using the same underscore-and-hyphen substitution technique (for example, among the malicious packages: appium-lib, action-mail_cache_delivery, activemodel_validators, asciidoctor_bibliography, assets-pipeline, assets-validators, ar_octopus-replication_tracking, aliyun-open_search, aliyun-mns, ab_split, apns-polite).
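
The naming tricks described above (swapping `_` for `-`, and changing a single similar-looking letter) are mechanical enough to check for before a gem is installed. The following added example (written for this page, not code from ReversingLabs or RubyGems) normalises separators and then applies an edit-distance threshold against an allow-list of popular gem names. The allow-list is constructed for the demonstration; only atlas_client is named on the page, and a real deployment would load the list from RubyGems download statistics. The names `nokogirl` and `sinatra` in the usage lines are likewise made up as test inputs.

```ruby
# Constructed allow-list standing in for the "popular gems" a real check would
# load from RubyGems download statistics; only atlas_client is named on the page.
POPULAR_GEMS = %w[atlas_client appium_lib rails nokogiri rspec-core].freeze

# Fold the two separators the page mentions into one form, so that
# "atlas-client" and "atlas_client" compare equal.
def canonical(name)
  name.downcase.tr('_', '-')
end

# Classic Levenshtein edit distance; catches a single swapped, dropped or added letter.
def levenshtein(a, b)
  prev = (0..b.length).to_a
  a.each_char.with_index(1) do |ca, i|
    cur = [i]
    b.each_char.with_index(1) do |cb, j|
      cost = ca == cb ? 0 : 1
      cur << [prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost].min
    end
    prev = cur
  end
  prev.last
end

# Returns [legit_name, reason] when `name` looks like a typosquat of a popular
# gem, or nil when it is either the legitimate gem itself or not close to any.
# Separator swaps are reported first because they are the exact pattern the
# page describes; near-misses by one letter come second.
def suspicious_name(name, popular = POPULAR_GEMS)
  return nil if popular.include?(name)
  c = canonical(name)
  popular.each { |p| return [p, :separator_swap] if canonical(p) == c }
  popular.each { |p| return [p, :edit_distance] if levenshtein(c, canonical(p)) <= 1 }
  nil
end

# Run the check over a list of dependency names (e.g. read from a Gemfile.lock)
# and return only the flagged ones, mapped to their likely target.
def report(names, popular = POPULAR_GEMS)
  names.each_with_object({}) do |n, out|
    hit = suspicious_name(n, popular)
    out[n] = hit if hit
  end
end

if $PROGRAM_NAME == __FILE__
  # atlas-client is the page's example; the other names are constructed inputs.
  report(%w[atlas-client atlas_client appium-lib nokogirl sinatra]).each do |name, (legit, why)|
    puts "#{name} -> looks like #{legit} (#{why})"
  end
end
```

A threshold of one edit is conservative on purpose: legitimate gems whose names differ by one character from each other exist, so a hit is a prompt to look at the publisher account, download counts and package contents, not an automatic block.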

If you want to know more about the study, you can find the details at the following link.

