Awake Security Company za kuzindikira ku Google Chrome, kutumiza zinsinsi za ogwiritsa ntchito kumaseva akunja. Zowonjezerazo zinalinso ndi mwayi wojambula zithunzi, kuwerenga zomwe zili pa clipboard, kusanthula kupezeka kwa zizindikiro zopezeka mu Cookies, ndi kulowetsa zolembera mu mafomu a intaneti. Pazonse, zowonjezera zoyipa zomwe zadziwika zidatsitsa zotsitsa 32.9 miliyoni mu Chrome Web Store, ndipo zodziwika bwino (Search Manager) zidatsitsidwa nthawi 10 miliyoni ndikuphatikiza ndemanga 22.
Zimaganiziridwa kuti zowonjezera zonse zomwe zimaganiziridwa zidakonzedwa ndi gulu limodzi la owukira, popeza onse chiwembu chodziwikiratu chogawa ndikukonzekera kujambulidwa kwachinsinsi, komanso zinthu zomwe zimapangidwira komanso ma code obwerezabwereza. zokhala ndi khodi yoyipa zidayikidwa mu kalozera wa Chrome Store ndipo zidachotsedwa kale pambuyo potumiza chidziwitso chokhudza zoyipa. Zowonjezera zambiri zoyipa zidakopera magwiridwe antchito azowonjezera zotchuka zosiyanasiyana, kuphatikiza zomwe cholinga chake ndikupereka chitetezo chowonjezera cha asakatuli, kuwonjezera chinsinsi chakusaka, kutembenuka kwa PDF, ndikusintha mawonekedwe.
Madivelopa owonjezera adayika koyamba mtundu woyera wopanda khodi yoyipa mu Sitolo ya Chrome, adawunikiridwa ndi anzawo, kenako adawonjezera zosintha zina zomwe zidadzaza ma code oyipa pambuyo poika. Pofuna kubisa zomwe zachitika, njira yoyankhira idagwiritsidwanso ntchito - pempho loyamba lidabweza kutsitsa koyipa, ndipo zopempha zotsatila zidabweza deta yosakayikira.
Njira zazikulu zomwe zowonjezera zoyipa zimafalira ndikupititsa patsogolo mawebusayiti owoneka bwino (monga momwe zilili pachithunzi pansipa) ndikuyika mu Sitolo yapaintaneti ya Chrome, kudutsa njira zotsimikizira kuti mutsitse ma code kuchokera kumasamba akunja. Kuti alambalale zoletsa kukhazikitsa zowonjezera zokha kuchokera ku Chrome Web Store, owukirawo adagawira misonkhano yosiyana ya Chromium yokhala ndi zowonjezera zoyikiratu, ndikuziyikanso kudzera muzotsatsa (Adware) zomwe zilipo kale mudongosolo. Ochita kafukufuku adasanthula maukonde a 100 amakampani azachuma, atolankhani, azachipatala, azamankhwala, mafuta ndi gasi komanso makampani ogulitsa, komanso mabungwe amaphunziro ndi aboma, ndipo adapeza zowonetsa za kukhalapo kwa zowonjezera zoyipa pafupifupi pafupifupi onsewo.
Pa kampeni kugawira njiru zowonjezera, kuposa , kudutsa ndi masamba otchuka (mwachitsanzo, gmaille.com, youtubeunblocked.net, etc.) kapena olembetsedwa pambuyo pa kutha kwa nthawi yokonzanso madomeni omwe analipo kale. Madomeniwa adagwiritsidwanso ntchito poyang'anira zochitika zoyipa ndikutsitsa zoyika za JavaScript zoyipa zomwe zidachitika patsamba lomwe wogwiritsa ntchito adatsegula.
Ofufuzawo akukayikira chiwembu ndi a Galcomm domain registrar, momwe madera 15 zikwizikwi azinthu zoyipa adalembetsedwa (60% ya madambwe onse operekedwa ndi wolembetsayu), koma oyimira a Galcomm. Malingaliro awa adawonetsa kuti 25% ya madambwe omwe adalembedwa adachotsedwa kale kapena sanaperekedwe ndi Galcomm, ndipo ena onse, pafupifupi onse ndi madera oyimitsidwa. Oimira a Galcomm adanenanso kuti palibe amene adalumikizana nawo lipotilo lisanawululidwe, ndipo adalandira mndandanda wa madera omwe amagwiritsidwa ntchito pazinthu zoyipa kuchokera kwa anthu ena ndipo tsopano akuwunika.
Ofufuza omwe adazindikira vutoli akuyerekeza zowonjezera zoyipa ndi rootkit yatsopano - ntchito yayikulu ya ogwiritsa ntchito ambiri imachitika kudzera pa msakatuli, momwe amapezera kusungirako zikalata zogawana, machitidwe azidziwitso zamakampani ndi ntchito zachuma. Zikatero, n'zosamveka kwa owukira kufunafuna njira kusokoneza kwathunthu opaleshoni dongosolo kukhazikitsa zonse unayamba rootkit - n'zosavuta kukhazikitsa njiru osatsegula kuwonjezera pa ndi kulamulira otaya deta chinsinsi kudzera. izo. Kuphatikiza pa kuyang'anira zamayendedwe, zowonjezera zitha kupempha zilolezo kuti mupeze data yapafupi, kamera yapaintaneti, kapena malo. Monga momwe zimasonyezera, ogwiritsa ntchito ambiri salabadira zilolezo zomwe zapemphedwa, ndipo 80% mwazowonjezera zodziwika bwino za 1000 zimapempha mwayi wopeza zidziwitso zamasamba onse okonzedwa.
Source: opennet.ru