Nyanzvi dzezvekuchengetedzwa kweMicrosoft dzakayambira vashandisi nezve kurwiswa kubva kune cryptocurrency miner inonzi Dexphot, iyo yanga ichinangana neWindows makomputa kubva Gumiguru gore rapfuura. Iyo malware's peak chiitiko chakanyorwa muna Chikumi wegore rino, apo anopfuura 80 makomputa pasi rese akatapukirwa.
Chirevo chinotaura kuti kupinda mumakomputa evanobatwa, iyo malware inoshandisa nzira dzakasiyana siyana kunzvenga dziviriro, kusanganisira encryption, obfuscation, uye kushandiswa kwemazita emafaira asina kujairika kuvanza maitiro ekuisa. Iyo inozivikanwa zvakare kuti mucheri haashandisi chero mafaera panguva yekutanga maitiro, achiita yakaipa kodhi yakananga mundangariro. Nekuda kweizvi, inosiya mashoma mashoma ekunyora kuvepo kwayo. Kuti udzivise kuonekwa, Dexphot inobata zviri pamutemo Windows maitiro, kusanganisira unzip.exe, rundll32.exe, msiexec.exe, nezvimwe.
Kana mushandisi akaedza kubvisa malware kubva pakombuta, masevhisi ekutarisa anotangwa uye kutapukirwa zvakare kunotanga. Chirevo chinoti Dexphot yakaiswa pamakomputa akatotapukirwa. Sechikamu chemushandirapamwe wazvino, iyo malware inosvika masisitimu ane hutachiona hweICLoader. Mamodule akashata anotorwa kubva kune akati wandei maURL, ayo anoshandiswawo kugadzirisa iyo malware uye kuita hutachiona zvakare.
"Dexphot haisi iyo mhando yekurwisa iyo inowana kutariswa kwenhau. Iyi ndeimwe yemadanidziro akawanda anga aripo kwenguva yakareba. Chinangwa chayo chakapararira mumakirini e-cybercriminal uye chinodzika kusvika pakuisa mugodhi we cryptocurrency uyo anoshandisa pachivande zviwanikwa zvekombuta kubatsira vanorwisa, "akadaro Hazel Kim, muongorori wemalware kuMicrosoft Defender ATP Research Group.
Source: 3dnews.ru