Doctor Web apeza chotsitsa cha Trojan pamndandanda wovomerezeka wa mapulogalamu a Android omwe amatha kulembetsa okha ogwiritsa ntchito omwe amalipidwa. Openda ma virus apeza zosintha zingapo za pulogalamu yoyipayi, yotchedwa , и . Kuti abise cholinga chawo chenicheni komanso kuchepetsa mwayi wopezeka ndi Trojan, owukira adagwiritsa ntchito njira zingapo.
Choyamba, anamanga makina odulira m’mapulogalamu opanda vuto—makamera ndi zosonkhanitsira zithunzi—zimene zinagwira ntchito imene anafuna. Chotsatira chake, panalibe chifukwa chomveka choti ogwiritsa ntchito ndi akatswiri achitetezo azidziwitso aziwona ngati zowopseza.
Chachiwiri, pulogalamu yaumbanda yonse idatetezedwa ndi phukusi la Jiagu lamalonda, lomwe limasokoneza kuzindikira ndi ma antivayirasi ndikusokoneza kusanthula kwamakhodi. Mwanjira iyi, Trojan inali ndi mwayi wabwinoko wopewa kuzindikirika ndi chitetezo chokhazikika cha bukhu la Google Play.
Chachitatu, olemba ma virus adayesa kubisa Trojan ngati malaibulale odziwika bwino otsatsa komanso owunikira. Akangowonjezeredwa ku mapulogalamu onyamula, adamangidwa mu ma SDK omwe alipo kuchokera ku Facebook ndi Kusintha, kubisala pakati pa zigawo zawo.
Kuphatikiza apo, wodulitsayo adawukira ogwiritsa ntchito mwachisawawa: sichinachite chilichonse choyipa ngati wozunzidwayo sanali wokhala m'modzi mwa mayiko omwe ali ndi chidwi ndi omwe akuukirawo.
M'munsimu muli zitsanzo za mapulogalamu omwe ali ndi Trojan ophatikizidwamo:
Mukakhazikitsa ndikuyambitsa chodulira (pambuyo pake, kusinthidwa kwake kudzagwiritsidwa ntchito ngati chitsanzo ) amayesa kupeza zidziwitso zamakina ogwiritsira ntchito powonetsa zotsatirazi:
Ngati wogwiritsa ntchito avomereza kuti amupatse zilolezo zofunika, Trojan azitha kubisa zidziwitso zonse za ma SMS omwe akubwera ndikulandila mameseji.
Kenako, choduliracho chimatumiza chidziwitso chaukadaulo chokhudza chipangizocho ku seva yowongolera ndikuwunika nambala ya SIM khadi ya wozunzidwayo. Ngati zikugwirizana ndi limodzi mwa mayiko omwe akuyembekezeredwa, imatumiza ku seva zambiri za nambala yafoni yolumikizidwa nayo. Nthawi yomweyo, chotsitsacho chimawonetsa ogwiritsa ntchito kuchokera kumayiko ena zenera lachinyengo pomwe amawapempha kuti alembe nambala kapena kulowa muakaunti yawo ya Google:
Ngati SIM khadi ya wozunzidwayo siili ya dziko lachidwi kwa omwe akuukira, Trojan sachitapo kanthu ndikuyimitsa ntchito yake yoyipa. Zosintha zofufuzidwa za anthu okhala m'maiko otsatirawa:
- Austria
- Italy
- France
- Таиланд
- Малайзия
- Germany
- Qatar
- Poland
- Greece
- Ireland
Pambuyo potumiza zambiri za nambala amadikirira malamulo kuchokera ku seva yoyang'anira. Imatumiza ntchito ku Trojan, yomwe ili ndi ma adilesi amasamba kuti mutsitse ndikuyika mu mtundu wa JavaScript. Khodi iyi imagwiritsidwa ntchito kuwongolera munthu amene akudina kudzera mu JavascriptInterface, kuwonetsa mauthenga a pop-up pachipangizo, kudina pamasamba, ndi zina.
Nditalandira adilesi ya webusayiti, imatsegula mu WebView yosaoneka, pomwe JavaScript yovomerezeka kale yokhala ndi magawo odina imayikidwanso. Mukatsegula tsamba lawebusayiti ndi ntchito yolipira, Trojan imangodinanso maulalo ndi mabatani oyenera. Kenako, amalandira manambala otsimikizira kuchokera ku SMS ndikutsimikizira paokha kulembetsa.
Ngakhale kuti clicker ilibe ntchito yogwira ntchito ndi SMS ndikupeza mauthenga, imadutsa malire awa. Zimakhala chonchi. Ntchito ya Trojan imayang'anira zidziwitso kuchokera ku pulogalamuyo, yomwe mwachisawawa imapatsidwa ntchito ndi SMS. Uthenga ukafika, ntchitoyo imabisa zidziwitso zofananira. Kenako imatulutsa zambiri za SMS yomwe idalandira kuchokera pamenepo ndikuitumiza kwa wolandila wa Trojan. Zotsatira zake, wogwiritsa ntchito sawona zidziwitso za SMS yomwe ikubwera ndipo sakudziwa zomwe zikuchitika. Amaphunzira za kulembetsa ntchito pokhapokha ndalama zikayamba kutha kuchokera ku akaunti yake, kapena pamene akupita ku mauthenga a mauthenga ndikuwona ma SMS okhudzana ndi utumiki wapamwamba.
Akatswiri a Doctor Web atalumikizana ndi Google, mapulogalamu oyipa omwe adapezeka adachotsedwa pa Google Play. Zosintha zonse zodziwika za clicker iyi zadziwika bwino ndikuchotsedwa ndi mankhwala a Dr.Web odana ndi ma virus a Android ndipo chifukwa chake siziwopsyeza ogwiritsa ntchito athu.
Source: www.habr.com