Kwararru kan harkokin tsaro na Microsoft sun gargadi masu amfani da su game da hare-haren da wani mai hakar ma'adinan cryptocurrency mai suna Dexhot, ke kai hari kan kwamfutocin Windows tun watan Oktoban bara. An yi rikodin ayyukan malware a cikin watan Yuni na wannan shekara, lokacin da fiye da kwamfutoci 80 a duniya suka kamu da cutar.
Rahoton ya bayyana cewa don kutsawa cikin kwamfutocin da abin ya shafa, malware na amfani da hanyoyi daban-daban don ketare kariyar, da suka hada da rufa-rufa, rufa-rufa, da yin amfani da sunayen fayilolin bazuwar don ɓoye tsarin shigarwa. Hakanan an san cewa mai hakar ma'adinai ba ya amfani da kowane fayiloli yayin aiwatar da farawa, yana aiwatar da lambar ƙeta kai tsaye a cikin ƙwaƙwalwar ajiya. Saboda haka, yana barin ƴan alamun da za a rubuta kasancewarsa. Don guje wa ganowa, Dexphot yana satar halaltattun hanyoyin Windows, gami da unzip.exe, rundll32.exe, msiexec.exe, da sauransu.
Idan mai amfani ya yi ƙoƙarin cire malware daga kwamfuta, ana kunna ayyukan sa ido kuma an fara kamuwa da cuta. Rahoton ya lura cewa an sanya Dexphot akan kwamfutocin da suka riga sun kamu da cutar. A matsayin wani ɓangare na yaƙin neman zaɓe na yanzu, malware ya kai ga tsarin da suka kamu da ƙwayar cuta ta ICLoader. Ana sauke nau'ikan ƙeta daga URL da yawa, waɗanda kuma ana amfani da su don sabunta malware da aiwatar da sake kamuwa da cuta.
"Dexhot ba shine nau'in harin da ke jan hankalin kafofin watsa labarai ba. Wannan na ɗaya daga cikin yaƙin neman zaɓe da aka daɗe ana yi. Manufarta ta yadu a cikin da'irar masu aikata laifuka ta yanar gizo kuma tana tasowa don shigar da ma'adinan cryptocurrency wanda ke amfani da albarkatun kwamfuta a asirce don amfanin maharan," in ji Microsoft Defender ATP malware Analyst Hazel Kim.
source: 3dnews.ru