tare da toshe jerin ɓarna add-ons zuwa Chrome browser, wanda ya shafi miliyoyin masu amfani. A mataki na farko, mai bincike mai zaman kanta Jamila Kaya () da Duo Security sun gano 71 add-ons na mugunta a cikin Shagon Yanar Gizon Chrome. Gabaɗaya, waɗannan add-on ɗin sun haɗa sama da shigarwa miliyan 1.7. Bayan sanar da Google game da matsalar, an sami irin wannan add-ons fiye da 430 a cikin kundin, wanda ba a ba da rahoton adadin abubuwan da aka shigar ba.
Musamman ma, duk da ban sha'awa yawan shigarwar, babu ɗayan ƙararrakin da ke da matsala da ke da sake dubawar mai amfani, yana tayar da tambayoyi game da yadda aka shigar da add-kan da kuma yadda ba a gano mugun aiki ba. An cire duk abubuwan da ke da matsala yanzu daga Shagon Yanar Gizon Chrome.
A cewar masu binciken, munanan ayyuka masu alaƙa da katange add-ons suna gudana tun watan Janairu 2019, amma kowane yanki da aka yi amfani da su don yin munanan ayyukan an yi rajista a cikin 2017.
Ga mafi yawancin, an gabatar da add-ons masu ɓarna azaman kayan aiki don haɓaka samfura da shiga ayyukan talla (mai amfani yana kallon tallace-tallace kuma yana karɓar sarauta). Add-ons sun yi amfani da dabarar turawa zuwa shafukan da aka tallata lokacin buɗe shafuka, waɗanda aka nuna a cikin sarkar kafin a nuna rukunin da ake buƙata.
Duk add-ons sun yi amfani da dabara iri ɗaya don ɓoye ayyukan ɓarna da ƙetare hanyoyin tabbatar da ƙari a cikin Shagon Yanar Gizon Chrome. Lambar don duk add-ons kusan iri ɗaya ne a matakin tushe, ban da sunayen ayyuka, waɗanda suka keɓanta a kowane ƙari. An watsa ma'anar ƙeta daga sabar kulawa ta tsakiya. Da farko, an haɗa add-on zuwa yankin da ke da suna iri ɗaya da sunan ƙara (misali, Mapstrek.com), bayan haka an tura shi zuwa ɗaya daga cikin sabar masu sarrafawa, wanda ya ba da rubutun don ƙarin ayyuka. .
Wasu daga cikin ayyukan da aka yi ta hanyar add-ons sun haɗa da loda bayanan mai amfani na sirri zuwa uwar garken waje, tura zuwa shafukan yanar gizo da kuma shiga cikin shigar da mugayen aikace-aikacen (misali, ana nuna saƙo cewa kwamfutar ta kamu da cutar kuma ana ba da malware a ƙarƙashinsa. rigar riga-kafi ko sabunta browser). Wuraren da aka yi turawa sun haɗa da wurare daban-daban na phishing da shafuka don yin amfani da abubuwan binciken da ba a sabunta su ba waɗanda ke ɗauke da lahani marasa lahani (misali, bayan an yi amfani da su, an yi ƙoƙarin shigar da malware wanda ya katse maɓallan shiga da kuma bincikar canja wurin bayanan sirri ta hanyar allo).
source: budenet.ru