Masu bincike daga Jami'ar Leiden (Netherlands) sun yi bincike kan amfani da samfuran amfani da jabu a GitHub, wanda ke ɗauke da lambar mugunta da aka tsara don kai hari ga masu amfani da suka yi ƙoƙarin amfani da amfani da amfani don gwada rauni. An yi nazarin jimillar ma'ajiyar amfani da ... injunan kama-da-wane.
An gano manyan nau'ikan ɓarna guda biyu: abubuwan amfani waɗanda ke ɗauke da lambar ɓarna, alal misali, barin ƙofar baya a cikin tsarin, zazzage Trojan, ko haɗa na'ura zuwa botnet, da cin gajiyar tattarawa da aika bayanan sirri game da mai amfani. . Bugu da kari, an kuma gano wani nau'in fa'ida na bogi mara lahani wanda baya yin munanan ayyuka, amma kuma baya ƙunshe da aikin da ake tsammani, misali, ƙirƙira don ɓata ko kuma faɗakar da masu amfani da ke gudanar da lambar da ba a tantance ba daga hanyar sadarwar.
An yi amfani da gwaje-gwaje da yawa don gano munanan ayyuka:
- An yi nazarin lambar amfani da ita don kasancewar jama'a da aka haɗa Adireshin IP, bayan haka an kuma duba adiresoshin da aka gano da bayanan da ke ɗauke da jerin sunayen masu masaukin baki da ake amfani da su don sarrafa botnets da kuma rarraba fayilolin ɓarna.
- Abubuwan amfani da aka kawo a cikin tsari an duba su a cikin software na anti-virus.
- An gano lambar don kasancewar juji na hexadecimal da ba a saba gani ba ko sakawa a cikin tsarin base64, bayan haka an yanke waɗannan abubuwan da aka saka kuma an bincika su.
source: budenet.ru
