An gano wannan amfani ta kamfanin Malwarebytes, ɗayan sanannu dangane da binciken ɓarnatar software, ya faɗi a cikin sanarwa cewa gano mai saka malware wanda zai yi amfani da sabon fasalin shigar da kurakurai da aka gabatar a cikin sabon juzu'in OS X.
Musamman, zaku sami izini-matakin izini ta hanyar gyaran fayil ɗin sudoers na Mac ɗin da ake tambaya, barin shi mara kariya kuma a buɗe don shigar da adware kamar VSearch, bambancin Genieo, da MacKeeper.
Mun bar maganganun zahiri na Malwarebytes a ƙasa:
Kamar yadda kake gani daga lambar yanki da aka nuna anan, rubutun ya fashe yanayin rashin lafiyar DYLD_PRINT_TO_FILE wanda ke rubutawa fayil sannan a aiwatar dashi. An cire wani ɓangare na gyare-gyaren lokacin da kawai ya rubuta zuwa fayil ɗin.
Babban ɓangare na wannan gyare-gyaren ya ta'allaka ne a cikin fayil ɗin sudoers. Rubutun ya canza canji wanda zai ba da izinin yin umarnin harsashi azaman tushe ta amfani da sudo, ba tare da abin da ake buƙata don shigar da kalmar sirri ba.
Rubutun sannan yayi amfani da sabon halin rashin kalmar sirri na sudo don ƙaddamar da aikace-aikacen VSInstaller, wanda aka samo a cikin ɓoyayyen kundin adireshi a cikin hoton diski na mai sakawa, yana ba shi izini na babba kuma ta haka ne ikon sanya komai a ko'ina. (Wannan aikace-aikacen yana da alhakin girka adreshin VSearch.)
Ars Technica ya fara ba da rahoto game da wannan kwaro da aka gano ta mai bincike Stefan Esser makon da ya gabata, yana cewa masu haɓaka ba za su iya amfani da ladabi na tsaro na OS X tare da dyld ba. Esser ya ce yanayin rashin lafiyar yana nan cikin yanayin Apple na yanzu na OS X 10.10.4 kuma a cikin beta na kwanan nan na OS X 10.10.5, ba a cikin OS X 10.11 ba.
