One of the Pale Moon project's servers was hacked and malware was planted in the archive of old releases.

The author of the Pale Moon browser has disclosed details of the compromise of the archive.palemoon.org server, which stored the archive of past releases up to and including version 27.6.2. During the hack, the attackers infected all executable files with Pale Moon installers for Windows that were on the server with malware. According to preliminary data, the malware was planted on December 27, 2017, and was discovered on July 9, 2019, i.e. it went unnoticed for a year and a half.

The affected server is currently offline for investigation. The server that holds the current Pale Moon releases is not affected; the problem concerns only old Windows versions installed from the archive (releases are moved to the archive as new versions come out). At the time of the hack, the server was running Windows and operated in a virtual machine rented from Frantech/BuyVM. It is not yet known which vulnerability was exploited, or whether it was specific to Windows or affected some third-party server applications.

After gaining access, the attackers selectively infected all exe files related to Pale Moon (installers and archives) with the Trojan Win32/ClipBanker.DY, which aims to steal cryptocurrency by replacing bitcoin addresses in the clipboard. Executable files inside zip archives are not affected. A user can detect changes to the installers by checking the digital signatures or the SHA256 hashes attached to the files. The malware used is also successfully detected by most current antivirus products.
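The hash check mentioned above, as an added example that is not from the Pale Moon project: it audits a directory of archived installers against a list of known-good SHA256 values and flags files that are modified, unlisted or missing. The manifest format (sha256sum-style lines), the file names and the file contents are assumptions constructed for the demo, in which `pm-b.exe` is altered after its hash is recorded. The hash list has to come from a source other than the server being checked.

```python
import hashlib
import re
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):  # chunked: installers can be large
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def parse_manifest(text):
    """Parse 'HASH  name' / 'HASH *name' lines (assumed format) into {name: hash}."""
    known = {}
    for line in filter(None, map(str.strip, text.splitlines())):
        digest, _, name = line.partition(" ")
        name = name.lstrip(" *")
        if not re.fullmatch(r"[0-9a-fA-F]{64}", digest) or not name:
            raise ValueError(f"malformed manifest line: {line!r}")
        known[name] = digest.lower()
    return known

def audit_installers(directory, manifest_text):
    """Classify each .exe in directory; list manifest entries that have no file."""
    known = parse_manifest(manifest_text)
    report = {}
    for exe in sorted(Path(directory).glob("*.exe")):
        expected = known.pop(exe.name, None)
        if expected is None:
            report[exe.name] = "UNLISTED"  # no trusted hash, so unverified
        elif sha256_file(exe) == expected:
            report[exe.name] = "OK"
        else:
            report[exe.name] = "MODIFIED"  # differs from the published hash
    report.update(dict.fromkeys(known, "MISSING"))
    return report

def demo():
    files = {"pm-a.exe": b"release A", "pm-b.exe": b"release B"}  # constructed stand-ins
    lines = [f"{hashlib.sha256(d).hexdigest()} *{n}" for n, d in files.items()]
    lines.append("0" * 64 + "  pm-d.exe")  # listed, but absent from the directory
    files.update({"pm-b.exe": b"release B + appended bytes", "pm-c.exe": b"release C"})
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in files.items():
            (Path(tmp) / name).write_bytes(data)
        return audit_installers(tmp, "\n".join(lines))

if __name__ == "__main__":
    print(demo())
```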

On May 26, 2019, during attacker activity on the server (it is not known whether these were the same attackers as in the first compromise or others), the operation of archive.palemoon.org was disrupted: the host could not be restarted, and data was corrupted. This included the loss of system logs, which could have contained more detailed traces indicating the nature of the attack. At the time of this failure, the administrators were unaware of the compromise and restored the archive using a new CentOS-based environment, replacing FTP downloads with HTTP. Because the incident had not been noticed, files from the backup that were already infected were transferred to the new server.

In analyzing the possible causes of the compromise, it is assumed that the attackers gained access by guessing the password of a staff account, obtaining direct access to the server, attacking the hypervisor to gain control over other virtual machines, hacking the web control panel, intercepting a remote desktop session (the RDP protocol was used), or exploiting a vulnerability in Windows Server. The malicious actions were carried out locally on the server, using a script that modified the existing executable files, rather than by re-uploading them from outside.

The project's author states that he alone had administrator access to the system, that access was restricted to a single IP address, and that the underlying Windows OS was up to date and protected against external attacks. At the same time, the RDP and FTP protocols were used for remote access, and potentially insecure software was run in the virtual machine, which could have led to the compromise. However, the author of Pale Moon is inclined to believe that the hack occurred because of insufficient protection of the provider's virtual machine infrastructure (for example, at one time the OpenSSL site was hacked through the guessing of an insecure provider password using the standard virtualization management interface).

Source: opennet.ru
