Malware Injected into the UAParser.js NPM Package with 8M Weekly Downloads

The story of the removal from the NPM repository of three malicious packages that copied the code of the UAParser.js library has taken an unexpected turn: unknown attackers seized control of the account of the UAParser.js project's author and released updates containing code for stealing passwords and mining cryptocurrencies.

The problem is that the UAParser.js library, which provides functions for parsing the User-Agent HTTP header, has about 8 million downloads per week and is used as a dependency in more than 1200 projects. UAParser.js is reported to be used at companies such as Microsoft, Amazon, Facebook, Slack, Discord, Mozilla, Apple, ProtonMail, Autodesk, Reddit, Vimeo, Uber, Dell, IBM, Siemens, Oracle, HP and Verizon.

The attack was carried out by hijacking the account of the project's developer, who realized something was wrong after an unusual wave of spam landed in their mailbox. It is not known exactly how the developer's account was compromised. The attackers created releases 0.7.29, 0.8.0 and 1.0.0, introducing malicious code into them. Within a few hours the developers regained control of the project and published updates 0.7.30, 0.8.1 and 1.0.1 to fix the problem. The malicious versions were published as packages in the NPM repository. The project's Git repository on GitHub was not affected. All users who installed the affected versions are advised to consider the system compromised if they find the file jsextension on Linux/macOS, or the files jsextension.exe and create.dll on Windows.
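One way to check a project against the releases and file names listed above, as an added example that is not part of the original article: it scans a parsed package-lock.json (both the nested v1 layout and the flat v2/v3 layout) for the hijacked versions, and a file listing for the dropped file names. The npm package name ua-parser-js is not stated in the article, and the sample lockfiles and paths are constructed for illustration.

```javascript
// Added example: audit a parsed package-lock.json for the hijacked releases.
// "ua-parser-js" is the library's npm package name (assumed; not stated in the article).
const PKG = 'ua-parser-js';
const BAD_VERSIONS = ['0.7.29', '0.8.0', '1.0.0'];
const DROPPED = ['jsextension', 'jsextension.exe', 'create.dll'];
const isBad = (name, version) => name === PKG && BAD_VERSIONS.includes(version);

// Lockfile v2/v3: flat "packages" map keyed by install path ('' is the root project).
function scanPackages(packages, hits) {
  for (const [path, meta] of Object.entries(packages || {})) {
    const name = meta.name || path.split('node_modules/').pop();
    if (isBad(name, meta.version)) hits.push({ path, version: meta.version });
  }
}

// Lockfile v1: nested "dependencies" tree, so transitive copies need recursion.
function scanDependencies(deps, prefix, hits) {
  for (const [name, meta] of Object.entries(deps || {})) {
    const path = `${prefix}node_modules/${name}`;
    if (isBad(name, meta.version)) hits.push({ path, version: meta.version });
    scanDependencies(meta.dependencies, `${path}/`, hits);
  }
}

// Prefer "packages" when present (v2 lockfiles carry both layouts).
function findCompromised(lock) {
  const hits = [];
  if (lock.packages) scanPackages(lock.packages, hits);
  else scanDependencies(lock.dependencies, '', hits);
  return hits;
}

// Flag dropped files by basename in a list of paths (Windows or POSIX separators).
function findDroppedFiles(paths) {
  return paths.filter((p) => DROPPED.includes(p.split(/[\\/]/).pop().toLowerCase()));
}

// Constructed sample data, not taken from a real project.
const sampleV1 = { lockfileVersion: 1, dependencies: {
  'some-app-lib': { version: '2.1.0', dependencies: { 'ua-parser-js': { version: '0.7.29' } } },
  'ua-parser-js': { version: '0.7.30' } } };
const sampleV3 = { lockfileVersion: 3, packages: {
  '': { name: 'demo', version: '1.0.0' },
  'node_modules/ua-parser-js': { version: '1.0.1' },
  'node_modules/x/node_modules/ua-parser-js': { version: '1.0.0' } } };

console.log(findCompromised(sampleV1), findCompromised(sampleV3));
console.log(findDroppedFiles(['/tmp/pkg/jsextension', 'C:\\Users\\a\\create.dll', '/src/index.js']));
```

A lockfile hit shows that one of the bad releases was resolved, including as a transitive dependency; the dropped files are what the article treats as the sign of a compromised system.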

The malicious changes that were added resembled changes made earlier in clones of UAParser.js, which appear to have been released to test functionality before launching a large-scale attack on the main project. The jsextension executable was downloaded and launched on the user's system from an external host, which was selected depending on the user's platform and supported operation on Linux, macOS and Windows. For the Windows platform, in addition to a program for mining the Monero cryptocurrency (the XMRig miner was used), the attackers also arranged for the create.dll library to be loaded to intercept passwords and send them to an external host.

The download code was added to the preinstall.sh file, which contained the insert:

   IP=$(curl -k https://freegeoip.app/xml/ | grep 'RU|UA|BY|KZ')
   if [ -z "$IP" ]
      ... download and run the executable file
   fi

As can be seen from the code, the script first checked the IP address with the freegeoip.app service and did not launch the malicious program for users from Russia, Ukraine, Belarus and Kazakhstan.

Source: opennet.ru
