A Linux version of RansomEXX has been spotted

Researchers from Kaspersky Lab have identified a Linux version of the ransomware "RansomEXX".

Initially, RansomEXX was distributed only on the Windows platform and became well known through several major incidents in which systems at various government agencies and companies were compromised, including the Texas Department of Transportation and Konica Minolta.

About RansomEXX

RansomEXX encrypts data on disk and then demands a ransom in exchange for the decryption key.

Encryption is implemented using the open-source mbedtls library. Once launched, the malware generates a 256-bit key and uses it to encrypt all available files with the AES block cipher in ECB mode.

After that, a new AES key is generated every second, that is, different files are encrypted with different AES keys.

Each AES key is encrypted with an RSA-4096 public key embedded in the malware code and is appended to each encrypted file. To decrypt the files, the ransomware operators offer to sell the private key.
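For incident responders, the ECB detail above has a practical consequence: identical 16-byte plaintext blocks inside one file produce identical ciphertext blocks, while files encrypted under different keys share no such blocks. The following is an added example, not code from Kaspersky or from this article; because Python's standard library has no AES, `ecb_standin` is a hypothetical keyed stand-in with the same block-by-block behaviour, and the sample data, keys and threshold are constructed.

```python
import hashlib
from collections import Counter

BLOCK = 16  # AES block size in bytes


def ecb_standin(key: bytes, data: bytes) -> bytes:
    """Stand-in for AES-256-ECB (assumption: not real AES, not reversible).
    Like ECB, every 16-byte block is transformed independently and
    deterministically, so equal input blocks give equal output blocks."""
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        block = data[i:i + BLOCK]
        out += hashlib.blake2b(block, key=key, digest_size=BLOCK).digest()
    return bytes(out)


def duplicate_block_ratio(blob: bytes) -> float:
    """Fraction of 16-byte blocks whose value occurs more than once."""
    blocks = [blob[i:i + BLOCK] for i in range(0, len(blob) - BLOCK + 1, BLOCK)]
    if not blocks:
        return 0.0
    counts = Counter(blocks)
    return sum(n for n in counts.values() if n > 1) / len(blocks)


def looks_like_ecb(blob: bytes, threshold: float = 0.01) -> bool:
    """Uniformly random data has practically no repeated blocks, so a
    measurable duplicate ratio in high-entropy data points to ECB."""
    return duplicate_block_ratio(blob) >= threshold


# Constructed sample file: 2 header blocks, 256 zero blocks, 64 varied blocks.
SAMPLE = (b"HEADER-0123456789ABCDEF".ljust(32, b"-")
          + bytes(4096)
          + hashlib.shake_256(b"constructed tail").digest(1024))
KEY_A = bytes(range(32))       # constructed 256-bit key for "file A"
KEY_B = bytes(range(32, 64))   # constructed 256-bit key for "file B"

if __name__ == "__main__":
    enc_a = ecb_standin(KEY_A, SAMPLE)
    enc_b = ecb_standin(KEY_B, SAMPLE)
    print("file A duplicate ratio:", round(duplicate_block_ratio(enc_a), 3))
    print("file A flagged as ECB:", looks_like_ecb(enc_a))
    # Same plaintext, different key: the repeated block value differs per file.
    print("zero block equal across files:", enc_a[32:48] == enc_b[32:48])
```

Compressed or already random file contents will not trigger the check; it is useful mainly on files with padded or zero-filled regions, such as database files and disk images.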

An important feature of RansomEXX is its use in targeted attacks, in which the attackers gain access to one of the systems on the network by exploiting vulnerabilities or through social engineering methods, then attack other systems and deploy a specially built variant of the malware for each attacked infrastructure, including the company name and different contact details for each one.

Initially, during attacks on corporate networks, the attackers tried to take control of as many workstations as possible in order to install malware on them, but this strategy turned out to be the wrong one, and in many cases the systems were simply restored from backup without paying the ransom.

Now the cybercriminals' strategy has changed, and their goal has become primarily to compromise corporate server systems, and especially centralized storage systems, including those running Linux.

Therefore, it would not be surprising to see that the RansomEXX operators have made this a defining trend in the industry; other ransomware operators may also deploy Linux versions in the future.

We recently discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems.

After the initial analysis, we noticed similarities in the Trojan's code, the text of the ransom notes, and the general approach to extortion, which suggested that we had found a Linux build of the previously known RansomEXX ransomware family. This malware is known to attack large organizations and was most active earlier this year.

RansomEXX is a highly targeted Trojan. Each malware sample contains the hard-coded name of the victim organization. In addition, both the encrypted file extension and the email address for contacting the extortionists use the victim's name.

And this movement seems to have already begun. According to the cybersecurity company Emsisoft, in addition to RansomEXX, the operators behind the Mespinoza (Pysa) ransomware have also developed a Linux variant starting from their Windows version. According to Emsisoft, the RansomEXX Linux variants they found were first deployed in July.

This is not the first time that malware operators have considered developing a Linux version of their malware.

For example, we can cite the case of the KillDisk malware, which had been used to cripple a power grid in Ukraine in 2015.

This variant made "Linux machines unable to boot, after encrypting files and demanding a large ransom." It had a Windows version and a Linux version, "which is something we don't see every day," ESET researchers noted.

Finally, if you want to know more about it, you can check the details in the Kaspersky publication at the following link.



  1.   XNUMXMx.es said

    Amazing! Good post! Congratulations

    1.    LinuxMain said

      Linux was my only salvation for avoiding malware, a real shame...

  2.   #MakeRansomExxGreatAgain said

    HOW NICE! WE ALL KNEW RENZO

  3.   Julio Calisaya SI3K1 said

    Good article