Vatsvagiridzi vachangobva kuwana mutsva musiyano wemarware zvefoni nhare Chinyararire chakabata hutachiona hwemamirioni makumi maviri nemashanu vasina vashandisi kuona.
Yakavanzika sechishandiso chakabatana neGoogle, musimboti wemarware inoshandisa zvinoverengeka zvinozivikanwa kutadza kweAroid uye zvinobva zvatsiva zvakaiswa maapplication pane chishandiso nemhando dzakashata pasina kupindira kwevashandisi. Maitiro aya akaita kuti vaongorori vape zita rekuti malware Agent Smith.
Iyi malware parizvino iri kuwana zviwanikwa zvemuchina kuratidza kushambadza kubiridzira uye kuwana mari kuwana. Ichi chiitiko chakafanana nematambudziko apfuura senge Gooligan, HummingBad, uye CopyCat.
Kusvika ikozvino, vakanyanya kuurayiwa vari kuIndia, kunyangwe dzimwe nyika dzeAsia dzakaita sePakistan neBangladesh dzakawirwawo nedambudziko iri.
Munzvimbo yakachengeteka zvakanyanya yeApple, vanyori ve "Mumiriri Smith" inoita kunge yatama mumodi yakaoma kunzwisisa ye gara uchitarisa kutsva kutsva, senge Janus, Bundle, uye Man-in-the-Disk, kugadzira matatu-danho Infection maitiro uye kuvaka purofiti-yekugadzira botnet.
Mumiriri Smith ingangove yekutanga mhando yekukanganisa iyo yakabatanidza zvese izvi zvinokuvadza kuti zvishandiswe pamwechete.
Kana Agent Smith achishandiswa kuwana mari kuburikidza neshambadziro yakaipa, inogona kushandiswa nyore nyore kune zvinowedzera kusagadzikana uye zvinokuvadza zvinangwa, sekuba maID emabhangi.
Muchokwadi, kugona kwayo kusaratidza icon yayo mumununuri uye kuteedzera maficha akakurumbira aripo pachigadzirwa, inoipa nemikana isingaverengeke yekukuvadza mudziyo wemushandisi.
Pane Agent Smith kurwisa
Mumiriri Smith ane zvikamu zvitatu zvikuru:
- Chishandiso chejekiseni chinokurudzira akabatwa kuti azviise nekuzvidira. Iine pasuru muchimiro chemafaira akavharidzirwa. Mhando dzakasiyana dzeiyi jekiseni app inowanzo kuve zvishandiso zvemifananidzo, mitambo, kana vakuru maapplication.
- Iyo jekiseni app inozvinyora yega nekumisikidza iyo APK yekodhi yayo yakashata yakaipa kodhi, iyo inowedzera zvinokuvadza zvinokanganisa kumaapp. Iyo huru malware inowanzo kuvanzwa seGoogle gadziriso chirongwa, Google Gadziriso yeU, kana "com.google.vending." Iyo huru malware icon haina kuoneka mune yekutanga.
- Iyo huru malware inoburitsa runyorwa rwezvishandiso zvakaiswa pane chishandiso. Kana ikawana mashandisirwo ari chikamu chenyu chinyama chekutora (chakanyorwa kana kutumirwa nekuraira uye kudzora server), inoburitsa iyo base APK yekushandisa pane mudziyo, inowedzera malicious modules uye ma ads kuAPK, inodzosera uye inotsiva iyo yekutanga, sekunge yaive yekuvandudza.
Agent Smith repackages akanangwa kunyorera padanho re smali / baksmali. Munguva yekupedzisira yekumisikidza yekumisikidza maitiro, inovimba neJanus kudzvinyirira kupfuura nzira dzeApple dzinoongorora kuvimbika kweAAPK.
Iyo yepakati module
Agent Smith anoshandisa iyo yemukati module kuti apararire hutachiona:
Nhevedzano ye "Bundle" kushomeka inoshandiswa kuisa mashandiro pasina munhu akuvara aona.
Kushushikana kwaJanus, uko kunotendera iyo yekubira kutsiva chero application nehutachiona vhezheni.
Iyo yepakati module inotaurirana iwo wekuraira uye wekudzora server kuyedza kuwana runyorwa nyowani rwezvishandiso zvekutsvaga kana mune kutadza, inoshandisa runyorwa rweasipo maapplication:
- com whatsapp
- com.lenovo.anyshare.gps
- com.mxtech.videoplayer.ad
- com.jio.jioplay.tv
- com.jio.media.jiobeats
- com.jiochat.jiochatapp
- com.jio.join
- com.good.gamecollection
- com.opera.mini.native
- in.startv.hotstar
- com.meitu.beautyplusme
- com.domobile.applock
- com.touchtype.swiftkey
- com.flipkart.android
- cn.xender
- com.eternal
- com.trucaller
Iyo yakakosha module inotsvaga vhezheni yeimwe neimwe app mune irwo runyorwa uye yayo MD5 hash inoenderana pakati peakaiswa mafomu neaya anomhanya mushandisi nzvimbo. Kana zvese mamiriro zvasangana, "Agent Smith" anoedza kukanganisa chirwere chawanikwa.
Iyo yakakosha module inoshandisa imwe yeanotevera maitiro maviri kukanganisa hutachiona: kuora kana bhanari.
Pakupera kwecheni yehutachiona, inobira maapplication evashandisi vakanganisa kuratidza kushambadza.
Zvinoenderana nerumwe ruzivo ruzivo rwejekiseni rwe Mumiriri Smith ari kuwedzera kuburikidza ne "9Apps", yechitatu-bato app chitoro chinonyanya kunongedza vashandisi veIndia (Hindi), Arab, neIndonesia.