The UAParser.js NPM package, which has 8 million downloads per week, was injected with malware.

The story of the removal from the NPM repository of three malicious packages that copied the code of the UAParser.js library has had an unexpected continuation: unknown attackers seized control of the account of the author of the UAParser.js project and released updates containing code for stealing passwords and mining cryptocurrencies.

The problem is that the UAParser.js library, which provides functions for parsing the User-Agent HTTP header, has about 8 million downloads per week and is used as a dependency in more than 1200 projects. It is stated that UAParser.js is used in the projects of companies such as Microsoft, Amazon, Facebook, Slack, Discord, Mozilla, Apple, ProtonMail, Autodesk, Reddit, Vimeo, Uber, Dell, IBM, Siemens, Oracle, HP and Verizon.

The attack was carried out by hijacking the account of the project's developer, who realized something was wrong after an unusual wave of spam hit his mailbox. How exactly the developer's account was hacked has not been disclosed. The attackers published releases 0.7.29, 0.8.0 and 1.0.0 with malicious code introduced into them. Within a few hours, the developers regained control of the project and published updates 0.7.30, 0.8.1 and 1.0.1 to fix the problem. The malicious versions were published only as packages in the NPM repository. The project's Git repository on GitHub was not affected. All users who installed the problematic versions are advised to consider the system compromised if they find the jsextension file on Linux/macOS, or the jsextension.exe and create.dll files on Windows.
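One way to check a project for the releases and dropped files listed above. This is an added example, not code from the original article or from the UAParser.js project; the npm package name "ua-parser-js", the function names and the sample lockfile are assumptions constructed for illustration.

```javascript
// Added example: flag the compromised releases and dropped-file names from the article.
// Assumption: the library's npm package name is "ua-parser-js" (not stated on the page).
const PKG = "ua-parser-js";
const BAD_VERSIONS = new Set(["0.7.29", "0.8.0", "1.0.0"]);
const IOC_FILES = new Set(["jsextension", "jsextension.exe", "create.dll"]);

// Walk both lockfile layouts: "packages" (lockfileVersion 2/3, keyed by path)
// and nested "dependencies" (lockfileVersion 1/2, keyed by name).
function findCompromised(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = path.split("node_modules/").pop();
    if (name === PKG && BAD_VERSIONS.has(meta.version)) {
      hits.push({ where: path, version: meta.version });
    }
  }
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = trail.concat(name);
      if (name === PKG && BAD_VERSIONS.has(meta.version)) {
        hits.push({ where: here.join(" > "), version: meta.version });
      }
      walk(meta.dependencies, here);
    }
  };
  walk(lock.dependencies, []);
  return hits;
}

// Case-insensitive match of file names (e.g. from a directory listing).
function findIocFiles(fileNames) {
  return fileNames.filter((f) => IOC_FILES.has(f.toLowerCase()));
}

// Constructed sample lockfile: one bad nested copy, one fixed top-level copy.
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/ua-parser-js": { version: "0.7.30" },
    "node_modules/some-lib/node_modules/ua-parser-js": { version: "0.7.29" },
  },
  dependencies: {
    "ua-parser-js": { version: "0.7.30" },
    "some-lib": { version: "2.1.0", dependencies: { "ua-parser-js": { version: "0.7.29" } } },
  },
};
console.log(findCompromised(sampleLock));
console.log(findIocFiles(["index.js", "jsextension", "Create.dll"]));
```

To run it against a real project, pass the parsed contents of its package-lock.json to findCompromised; a transitive copy pinned to a bad version is reported even when the top-level dependency is already fixed.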

The malicious changes that were added resembled the changes previously introduced in the clones of UAParser.js, which appear to have been released to test the functionality before launching a large-scale attack on the main project. The jsextension executable file was downloaded to the user's system and launched from an external host, which was selected depending on the user's platform and supported operation on Linux, macOS and Windows. For the Windows platform, in addition to the program for mining the Monero cryptocurrency (the XMRig miner was used), the attackers also arranged for the create.dll library to be deployed to intercept passwords and send them to an external host.

The download code was added to the preinstall.sh file, which contained the following insert:

    IP=$(curl -k https://freegeoip.app/xml/ | grep 'RU|UA|BY|KZ')
    if [ -z "$IP" ]
      ... download and run the executable file
    fi

As can be seen from the code, the script first checked the IP address against the freegeoip.app service and did not launch the malicious application for users from Russia, Ukraine, Belarus and Kazakhstan.

Source: opennet.ru
