Kaspersky Lab ya gano wani mugun kayan aiki mai suna Reductor, wanda ke ba ka damar zubar da janareta na lambar bazuwar da ake amfani da shi don rufaffen bayanai yayin watsa shi daga mai lilo zuwa shafukan HTTPS. Wannan yana buɗe kofa ga maharan don yin leken asiri akan ayyukan burauzar su ba tare da mai amfani ya sani ba. Bugu da kari, samfuran da aka samo sun haɗa da ayyukan gudanarwa na nesa, wanda ke haɓaka ƙarfin wannan software.
Ta hanyar amfani da wannan kayan aiki, maharan sun gudanar da ayyukan leƙen asiri ta yanar gizo akan ayyukan diflomasiyya a cikin ƙasashen CIS, galibi suna lura da zirga-zirgar masu amfani.
Shigar da malware yana faruwa ne musamman ta hanyar amfani da shirin qeta na COMPfun, wanda a baya aka gano a matsayin kayan aiki na rukunin yanar gizo na Turla, ko kuma ta hanyar musanya software mai “tsabta” yayin zazzagewa daga halaltacciyar hanya zuwa kwamfutar mai amfani. Wataƙila wannan yana nufin cewa maharan suna da iko akan tashar hanyar sadarwar wanda aka azabtar.
“Wannan shi ne karo na farko da muka ci karo da irin wannan nau’in malware, wanda ke ba mu damar tsallake boye-boye na browser kuma mu kasance ba a gano su ba na dogon lokaci. Matsayinsa na rikitarwa yana nuna cewa masu ƙirƙirar Reductor ƙwararrun ƙwararru ne. Sau da yawa irin waɗannan malware ana ƙirƙira su tare da tallafin gwamnati. Koyaya, ba mu da shaidar cewa Reductor yana da alaƙa da kowane takamaiman rukunin yanar gizo, ”in ji Kurt Baumgartner, babban ƙwararriyar riga-kafi a Kaspersky Lab.
Duk mafita na Kaspersky Lab sun sami nasarar ganewa da toshe shirin Reductor. Don guje wa kamuwa da cuta, Kaspersky Lab yana ba da shawarar:
- gudanar da bincike na tsaro akai-akai na kayan aikin IT na kamfanoni;
- shigar da ingantaccen bayani na tsaro tare da sashin kariya na barazanar yanar gizo wanda ke ba ku damar ganewa da toshe barazanar da ke ƙoƙarin kutsawa cikin tsarin ta hanyar rufaffiyar tashoshi, kamar Kaspersky Security don Kasuwanci, da kuma matakin matakin kasuwanci wanda ke gano hadaddun barazanar a matakin cibiyar sadarwa a matakin farko, misali Kaspersky Anti Targeted Attack Platform;
- haɗa ƙungiyar SOC zuwa tsarin leƙen asiri na barazanar ta yadda za ta sami damar samun damar samun bayanai game da sabbin dabaru da dabarun da maharan ke amfani da su;
- gudanar da horo akai-akai don inganta ilimin dijital na ma'aikata.
source: 3dnews.ru