Inguqulelo entsha ye-AnarchyGrabber malware eneneni iguqule iDiscord (isithunywa sasimahla sangoko esixhasa iVoIP kunye nenkomfa yevidiyo) yaba lisela leakhawunti. I-malware iguqula iifayile zomxhasi weDiscord ngendlela yokuba i-akhawunti yomsebenzisi xa ungena kwinkonzo yeDiscord kwaye kwangaxeshanye ihlale ingabonakali kwii-antivirus.
Ulwazi malunga ne-AnarchyGrabber isasazwa kwiiforum ze-hacker kunye neevidiyo ze-YouTube. Isiseko se-app kukuba xa iqaliswa, i-malware iba iithokheni zomsebenzisi obhalisiweyo weDiscord. La mathokheni alayishwa emva kwitshaneli yeDiscord phantsi kolawulo lomhlaseli, kwaye ingasetyenziselwa ukungena ngeenkcukacha zomsebenzisi zomnye umntu.
Inguqulelo yokuqala ye-malware yasasazwa njengefayile ephunyezwayo efunyenwe lula kwiinkqubo ze-antivirus. Ukwenza i-AnarchyGrabber ibe nzima ukubhaqa ii-antivirus kunye nokwandisa ukusinda, abaphuhlisi baye bahlaziya ingqondo yabo ukuze ngoku iguqule iifayile zeJavaScript ezisetyenziswa ngumxhasi weDiscord ukufaka ikhowudi yayo rhoqo xa iqaliswa. Le nguqulelo ifumene elona gama loqobo AnarchyGrabber2 kwaye xa yaziswa, ifaka ikhowudi ekhohlakeleyo kwifayile β%AppData%Discord[version]modulesdiscord_desktop_coreindex.jsβ.
Emva kokuqhuba i-AnarchyGrabber2, ikhowudi yeJavaScript elungisiweyo esuka kwi-subfolder ye-4n4rchy iya kubonakala kwifayile ye-index.js, njengoko kuboniswe ngezantsi.
Ngolu tshintsho, iifayile zeJavaScript ezinobungozi ezongezelelweyo ziya kukhutshelwa xa uzisa iDiscord. Ngoku, xa umsebenzisi engena kumthunywa, izikripthi ziya kusebenzisa i-webhook ukuthumela ithokheni yomsebenzisi kwitshaneli yomhlaseli.
Yintoni eyenza olu hlengahlengiso lomthengi weDiscord lube yingxaki enjalo kukuba nokuba i-malware yoqobo ifunyenwe yi-antivirus, iifayile zomxhasi ziya kuba sele zilungisiwe. Ke ngoko, ikhowudi ekhohlakeleyo inokuhlala kumatshini ixesha elide njengoko ifunwa, kwaye umsebenzisi akayi kukrokrela ukuba idatha yeakhawunti yakhe ibiwe.
Esi ayisosihlandlo sokuqala ukuba i-malware iguqule iifayile zomxhasi weDiscord. Ngo-Okthobha ka-2019, kwaxelwa ukuba esinye isiqwenga se-malware sasitshintsha iifayile zabathengi, siguqula umxhasi weDiscord ukuba abe ulwazi lweTrojan. Ngeli xesha, umphuhlisi weDiscord wathi izakukhangela iindlela zokulungisa obu buthathaka, kodwa ingxaki ngokucacileyo ayikasonjululwa.
De iDiscord yongeze ukuthembeka kwefayile yomxhasi ujongo ekuqaleni, iiakhawunti zeDiscord ziya kuqhubeka nokuba semngciphekweni kwi-malware eyenza utshintsho kwiifayile zomthunywa.
umthombo: 3dnews.ru