Awake Security Company nezvekuzivisa kuGoogle Chrome, kutumira zvakavanzika zvemushandisi data kumaseva ekunze. Iwo ma-add-ons zvakare aiwana mukana wekutora zvidzitiro, kuverenga zviri mukati me clipboard, kuongorora kuvepo kwematokeni ekuwana muCookie, uye kutora mapindiro mumafomu ewebhu. Pakazara, iwo akawedzera hutsinye akawonekwa anosvika 32.9 miriyoni kudhawunirodha muChrome Web Store, uye inonyanya kufarirwa (Search Manager) yakatorwa kanosvika miriyoni gumi uye inosanganisira zviuru makumi maviri nezviviri zveongororo.
Zvinofungidzirwa kuti zvese zvinotariswa zvekuwedzera zvakagadzirirwa neboka rimwe revanorwisa, sezvo mune zvese chirongwa chakajairwa chekugovera uye kuronga kubatwa kwechakavanzika data, pamwe neyakajairwa dhizaini zvinhu uye yakadzokororwa kodhi. nekodhi yakaipa yakaiswa mukatalogi yeChitoro cheChrome uye yakatodzimwa mushure mekutumira chiziviso nezvekuita kwakashata. Mazhinji ekuwedzera ane hutsinye akateedzera mashandiro eakasiyana-siyana akakurumbira ekuwedzera, kusanganisira ayo ane chinangwa chekuwedzera chengetedzo yebrowser, kuwedzera kuvanzika kwekutsvaga, kushandurwa kwePDF, uye kushandura fomati.
Vagadziri vekuwedzera vakatanga kutumira vhezheni yakachena isina kodhi yakashata muChitoro cheChrome, vakaongororwa nevezera ravo, vobva vawedzera shanduko mune imwe yezvigadziriso yakaisa kodhi yakaipa mushure mekuiswa. Kuvanza zvisaririra zvezviitwa zvakashata, nzira yekupindura yakasarudzika yakashandiswawo - chikumbiro chekutanga chakadzosera kurodha kwakashata, uye zvikumbiro zvakatevera zvakadzosa data risingafungidzirwe.
Nzira huru dzekuparadzira kwakashata kuri kuburikidza nekusimudzirwa kwemasaiti anotaridzika (sepamufananidzo pazasi) uye kuiswa muChrome Web Store, nekupfuura nzira dzekuongorora dzekuzotevera kudhawunirodha kodhi kubva kune ekunze masaiti. Kupfuura zvirambidzo pakuisa ma-add-ons chete kubva kuChrome Web Store, vapanduki vakagovera magungano akaparadzana eChromium ane pre-akaiswa ma-add-ons, uye akaaisawo kuburikidza nekushambadzira maapplication (Adware) atovepo muhurongwa. Vatsvakurudzi vakaongorora makambani e100 emari, midhiya, mishonga, mishonga, mafuta negasi uye makambani ekutengesa, pamwe chete nemasangano edzidzo nehurumende, uye vakawana maratidziro ehuvepo hwekuwedzera kwakashata mune inenge yose.
Munguva yemushandirapamwe wekuparadzira zvakashata-add-ons, kupfuura , kupindirana nemasaiti akakurumbira (semuenzaniso, gmaille.com, youtubeunblocked.net, nezvimwewo) kana kunyoreswa mushure mekupera kwenguva yekuvandudzwa kwenzvimbo dzaivepo kare. Aya madomasi akashandiswawo mune yakashata manejimendi manejimendi uye kudhawunirodha yakaipa JavaScript inoiswa iyo yakaitwa mumamiriro emapeji akavhurwa mushandisi.
Vatsvaguri vakafungidzira kurangana neGalcomm domain registrar, umo zviuru gumi neshanu zvezviitwa zvehutsinye zvakanyoreswa (15% yemadomasi ese akapihwa nemunyori uyu), asi vamiriri veGalcomm. Aya fungidziro airatidza kuti makumi maviri neshanu muzana emadomasi akanyorwa akatodzimwa kana kuti haana kupihwa neGalcomm, uye mamwe ese, anenge ese asingashande akapaka madomasi. Vamiriri veGalcomm vakashumawo kuti hapana munhu akavabata vasati vaburitswa pachena mushumo, uye vakagamuchira runyoro rwemadomasi anoshandiswa kune zvakaipa kubva kune wechitatu uye vari kuita ongororo yavo pavari.
Vatsvakurudzi vakaona dambudziko racho vanofananidza iyo yakaipa-add-ons nemudziyo mutsva - basa guru revashandisi vakawanda rinoitwa kuburikidza nebrowser, iyo yavanopinda nayo yakagovaniswa magwaro ekuchengetedza, masisitimu eruzivo rwemakambani uye masevhisi emari. Mumamiriro ezvinhu akadaro, hazvina musoro kuti vanorwisa vatarise nzira dzekukanganisa zvachose sisitimu yekushandisa kuitira kuti vaise yakazara-yakazara rootkit - zviri nyore kuisa yakashata browser yekuwedzera uye kutonga kuyerera kwechakavanzika data kuburikidza. it. Pamusoro pekutarisa data yekufambisa, iyo yekuwedzera inogona kukumbira mvumo yekuwana data yenzvimbo, webhu kamera, kana nzvimbo. Sezvinoratidzwa nemaitiro, vashandisi vazhinji havatarise kune zvibvumirano zvakakumbirwa, uye 80% ye1000 yakakurumbira ma-add-ons anokumbira kuwana iyo data yemapeji ese akagadziriswa.
Source: opennet.ru