Zadziwika za ntchito yomwe ikukula ya FANTA Trojan, yomwe imaukira eni ake a zida za Android pogwiritsa ntchito ma intaneti osiyanasiyana, kuphatikiza Avito, AliExpress ndi Yula.
Izi zidanenedwa ndi oimira Gulu la IB, omwe akuchita kafukufuku pankhani yachitetezo chazidziwitso. Akatswiri adalemba kampeni ina pogwiritsa ntchito FANTA Trojan, yomwe imagwiritsidwa ntchito kuukira makasitomala a mabanki 70, njira zolipirira, ndi zikwama zapaintaneti. Choyamba, kampeniyi imayang'ana ogwiritsa ntchito omwe amakhala ku Russia ndi mayiko ena a CIS. Kuphatikiza apo, Trojan imayang'ana anthu omwe amatumiza zotsatsa zogula ndi zogulitsa papulatifomu yotchuka ya Avito. Malinga ndi akatswiri, chaka chino chokha kuwonongeka kwa FANTA Trojan kwa anthu aku Russia ndi pafupifupi ma ruble 35 miliyoni.
Ofufuza a Gulu IB adapeza kuti kuwonjezera pa Avito, Android Trojan imayang'ana ogwiritsa ntchito mautumiki ambiri otchuka, kuphatikizapo Yula, AliExpress, Trivago, Pandao, ndi zina zotero. Chiwembu chachinyengo chimaphatikizapo kugwiritsa ntchito masamba a phishing omwe amabisika ndi otsutsa ngati mawebusaiti enieni.
Pambuyo potsatsa malondawo, wozunzidwayo amalandira uthenga wa SMS wosonyeza kuti mtengo wonse wa katunduyo udzasamutsidwa. Kuti muwone zambiri, chonde tsatirani ulalo womwe walumikizidwa ndi uthengawo. Pamapeto pake, wozunzidwayo amathera pa tsamba la phishing, lomwe limawoneka mosiyana ndi masamba a Avito. Pambuyo powonera deta ndikudina batani la "Pitirizani", APK yoyipa FANTA imatsitsidwa ku chipangizo cha wogwiritsa ntchito, akuwoneka ngati pulogalamu yam'manja ya Avito.
Kenako, Trojan imazindikira mtundu wa chipangizocho ndikuwonetsa uthenga pazenera wosonyeza kuti kulephera kwadongosolo kwachitika. Zenera la System Security limawonetsedwa, kupangitsa wogwiritsa ntchito kulola pulogalamuyo kuti ipeze AccessibilityService. Atalandira chilolezo ichi, Trojan, popanda thandizo lakunja, amapeza ufulu wochita zinthu zina m'dongosolo, kuyerekezera makiyi kuti achite izi.
Akatswiri amazindikira kuti opanga Trojan adapereka chidwi kwambiri pakuphatikiza zida zomwe zimalola FANTA kudutsa njira zothana ndi ma virus za Android. Mukayika, Trojan imalepheretsa wogwiritsa ntchito kuyambitsa mapulogalamu monga Clean, MIUI Security, Kaspersky Antivirus AppLock & Web Security Beta, Dr.Web Mobile Control, etc.
Source: 3dnews.ru