Cyber espionage group uses a Windows backdoor to attack OS X

Malware in program code

A cyber-espionage group known to have carried out various earlier attacks against the US Defense Industrial Base, as well as other important companies in that sector, has recently begun using a backdoor program to attack OS X systems.

Security researchers at FireEye noted in a blog post on Thursday that the backdoor code was ported to OS X from a Windows backdoor that has been used extensively in targeted attacks over the past few years and has been updated many times in the process.

The malicious program is called XSLCmd and is capable of opening a reverse shell for control and file transfer, as well as installing other malicious programs on the infected computer. The OS X variant can also log keystrokes and take screenshots, according to the FireEye researchers.

When installed on a Mac, the malware copies itself to "/Library/Logs/clipboardd" and to "$HOME/Library/LaunchAgents/clipboardd". It also creates a file named com.apple.service.clipboardd.plist to make sure it runs again after the system restarts. The malware contains code that checks the OS X version, but it does not recognise versions above OS X 10.8 (Mountain Lion). This suggests that version 10.8 was the latest version of OS X when the program was written, or at least the one most commonly used by its intended targets.
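A defender-side check for the persistence artifacts just described, added here as an example (it is not code from the article or from FireEye). It assumes user home directories live under ROOT/Users and that the plist is dropped in the user's LaunchAgents directory, which the article does not state explicitly; it also flags any other LaunchAgent plist whose body references clipboardd, so a renamed plist is still caught.

```sh
#!/bin/sh
# Added example (not from the article or FireEye): look for the XSLCmd
# persistence artifacts named in the article under a filesystem root.
# Assumptions: user homes are ROOT/Users/*, and the plist sits in the user's
# LaunchAgents directory (the article does not state where it is written).
# Usage: . ./xslcmd_check.sh && xslcmd_check /    (exit 1 = artifacts found)

xslcmd_check() {
    root="${1:-/}"
    hits=0

    # 1. System-wide copy of the backdoor.
    if [ -e "$root/Library/Logs/clipboardd" ]; then
        echo "HIT: $root/Library/Logs/clipboardd"
        hits=$((hits + 1))
    fi

    for home in "$root"/Users/*; do
        agents="$home/Library/LaunchAgents"
        [ -d "$agents" ] || continue

        # 2. Per-user copy of the backdoor.
        if [ -e "$agents/clipboardd" ]; then
            echo "HIT: $agents/clipboardd"
            hits=$((hits + 1))
        fi

        # 3. LaunchAgent plists: flag the plist by name, and also any other
        #    plist whose contents reference clipboardd.
        for p in "$agents"/*.plist; do
            [ -f "$p" ] || continue
            case "$p" in
                *clipboardd*) echo "HIT: $p"; hits=$((hits + 1)); continue ;;
            esac
            if grep -q clipboardd "$p"; then
                echo "HIT (references clipboardd): $p"
                hits=$((hits + 1))
            fi
        done
    done

    # Exit status 0 = clean, 1 = one or more artifacts found.
    [ "$hits" -eq 0 ]
}
```

Point it at a mounted disk image or a copied user tree to scan offline rather than the live system.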

The XSLCmd backdoor was created and used by a cyber-espionage group that has been active since at least 2009 and is referred to as GREF by the FireEye researchers. "Historically, GREF has targeted a variety of organizations, including the United States Defense Industrial Base (DIB), electronics and engineering companies worldwide, as well as foundations and other non-governmental organizations, especially those with interests in Asia."

According to FireEye:

OS X has become popular with businesses; inexperienced users quickly adapt to the new system and find it easy to use, while even highly technical users take advantage of its very powerful features, as do administrators [...] Many people also regard it as a much more secure computing platform, which can lead to a dangerous sense of confidence in both IT departments. In fact, while the security industry has begun to offer more products for OS X systems, these systems are sometimes not managed and monitored in enterprise environments the way their Windows counterparts are.

