Learn how to detect and remove the bitcoin-'stealing' Trojan


If you remember, some time ago we talked about how a new Trojan that had appeared online was designed to steal bitcoins from infected computers.

Specifically, the Trojan is OSX/CoinThief, and so far it has been distributed under four different names: BitVanity, StealthBit, Bitcoin Ticker TTM and Litecoin Ticker.

Of these names, we know that BitVanity and StealthBit were distributed through GitHub, while Bitcoin Ticker TTM and Litecoin Ticker were distributed through Download.com and MacUpdate.com respectively.

The curious thing is that these names were taken from legitimate apps in the Mac App Store with the obvious aim of deceiving the user. That is not the worst part, though: once it is running in the background, it installs an extension in the browser, whether Chrome, Safari or Firefox.

Once installed, we will see something like 'Pop-Up Blocker 1.0.0', but nothing could be further from the truth. It simply communicates with a remote server to try to collect login credentials as soon as you visit a Bitcoin-related website, and it leaves a malicious process running permanently in the background, started by a launch agent.

To get rid of it, we have to follow these simple steps:

  1. Look for the process "com.google.softwareUpdateAgent" in Activity Monitor, which is in the Utilities folder.
  2. Check whether the "Pop-Up Blocker" extension is installed in Safari, Chrome or another browser and the process mentioned above is present in Activity Monitor; if so, we need to remove it.
  3. We will use terminal commands for this, but first we must delete BitVanity, StealthBit ... or whichever of the programs was installed, by dragging it to the trash.
  4. Open the terminal and enter this command:
    launchctl unload ~/Library/LaunchAgents/com.google.softwareUpdateAgent.plist
    This stops the malicious process running in the background. It may instead return "No such file or directory, nothing found to load", which indicates that the process was not loaded, though it is still worth checking.
  5. The next step is to move the file, the malware itself, to the desktop with the following command, and then delete it by dragging it to the trash:
    mv ~/Library/Application\ Support/.com.google.softwareUpdateAgent ~/Desktop/com.google.softwareUpdateAgent
  6. Finally, we also move to the desktop the file that launches it at login, that is, the one that starts the background process that connects to the remote server:
    mv ~/Library/LaunchAgents/com.google.softwareUpdateAgent.plist ~/Desktop/com.google.softwareUpdateAgent.plist
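
Steps 4 to 6 can be scripted as below. This is an added example, not part of the original article or of any vendor tool; the function names and the quarantine folder are assumptions chosen for illustration, and the only paths it touches are the two named in the steps above.

```shell
#!/bin/sh
# Added example: scan for and quarantine the two CoinThief files named in the article.
# cointhief_scan, cointhief_quarantine and the quarantine folder are hypothetical names.

AGENT_LABEL="com.google.softwareUpdateAgent"

# Print every CoinThief artifact that exists under the given home directory (read-only).
cointhief_scan() {
    home="${1:-$HOME}"
    for f in \
        "$home/Library/LaunchAgents/$AGENT_LABEL.plist" \
        "$home/Library/Application Support/.$AGENT_LABEL"
    do
        # -e follows symlinks; -L also catches a dangling link
        if [ -e "$f" ] || [ -L "$f" ]; then
            printf '%s\n' "$f"
        fi
    done
}

# Unload the launch agent (only on the live account, where launchctl exists),
# then move each artifact into a quarantine folder instead of deleting it.
cointhief_quarantine() {
    home="${1:-$HOME}"
    dest="${2:-$home/Desktop/cointhief-quarantine}"
    found=$(cointhief_scan "$home")
    [ -n "$found" ] || { echo "no CoinThief files under $home"; return 1; }
    mkdir -p "$dest" || return 2
    plist="$home/Library/LaunchAgents/$AGENT_LABEL.plist"
    if [ -e "$plist" ] && [ "$home" = "$HOME" ] && command -v launchctl >/dev/null 2>&1; then
        launchctl unload "$plist" 2>/dev/null || true
    fi
    printf '%s\n' "$found" | while IFS= read -r f; do
        name=$(basename "$f")
        # Strip the leading dot so the hidden binary is visible in the quarantine folder
        mv "$f" "$dest/${name#.}" && echo "moved $f"
    done
}
```

Run `cointhief_scan` first to see what is present; `cointhief_quarantine` returns 1 when there is nothing to move. The browser extension is not covered and still has to be removed by hand.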

All that remains is to remove any trace of the Pop-Up Blocker extension from the browser, and we will be ready to browse 'a little more calmly'.

More information - A Trojan capable of stealing Bitcoins from Macs appears

