Kungiyar tsaro ta Microsoft ta buga labarin da a cikinta yayi magana game da wani sabon malware don mac wanda ya samo asali a cikin shekarar da ta gabata don bayar da maharan a karuwar ci gaban iyawar sophisticated.
Iyalin malware, wanda Microsoft 365 Defender barazanar ƙungiyar leƙen asiri mai suna UpdateAgent, ya fara bayyana a watan Satumba na 2020. Tun daga wannan lokacin, ya canza yadda yake aiki daga mai karɓar bayanai mai sauƙi zuwa yanki na malware wanda zai iya sadar da wasu malware.
UpdateAgent na iya cutar da Macs masu amfani ta hanyar vectors kamar tuƙi ta hanyar zazzagewa ko tallan talla. A mafi yawan lokuta, ana gabatar da ita azaman halaltaccen yanki na software, kamar aikace-aikacen bidiyo ko wakili na tallafi (wani abu da masu amfani da Windows suka saba da shi sosai).
Wasu ayyukan malware, ba da izini ketare ikon tsaro na Ƙofar Apple ko amfani da izini na yanzu don cire shaidar wanzuwarsa akan Mac.
A watan Agusta 2021, an inganta shi tare da sabon ikon zuwa lambar allura m da za a iya gudu a matsayin tushen a cikin wani ganuwa baya tsari.
Wannan malware yana amfani da kayan aikin girgije na jama'a kamar Amazon S3 ko CloudFront don sadar da kaya na mataki na biyu kamar fayilolin .dmg ko .zip.
A cewar Microsoft game da wannan sabon malware:
UpdateAgent yana siffanta shi ta hanyar sabunta dabarun dagewa a hankali, wani mahimmin fasalin da ke nuna cewa da alama wannan Trojan ɗin zai ci gaba da yin amfani da ingantattun dabaru a sigogin gaba.
Aminta da izini kawai apps
UpdateAgent yana da maɓalli mai rauni idan aka kwatanta da sauran barazanar Mac: yana buƙatar mai amfani don saukar da fayil ɗin mugunta a sarari.
Idan ba ma son kamuwa da wannan malware, yana da kyau kawai ka shigar da apps daga masu haɓakawa da ka amince da su daga Apple da kuma daga Mac App Store. Kar a danna talla ko zazzage kowane app ta hanyar hanyar haɗi.