Malware injected into the UAParser.js NPM package, which has 8M downloads per week

The story of the removal from the NPM repository of three malicious packages that copied the code of the UAParser.js library took an unexpected turn: unknown attackers seized control of the account of the UAParser.js project's author and released updates containing code to steal passwords and mine cryptocurrency.

The problem is that the UAParser.js library, which provides functions for parsing the HTTP User-Agent header, has about 8 million downloads per week and is used as a dependency in more than 1200 projects. UAParser.js is reported to be used by companies such as Microsoft, Amazon, Facebook, Slack, Discord, Mozilla, Apple, ProtonMail, Autodesk, Reddit, Vimeo, Uber, Dell, IBM, Siemens, Oracle, HP, and Verizon.

The attack was carried out by compromising the account of the project's developer, who realized something was wrong after an unusual wave of spam hit his mailbox. How exactly the developer's account was compromised is not reported. The attackers created releases 0.7.29, 0.8.0 and 1.0.0 with malicious code inserted into them. Within a few hours the developers regained control of the project and published updates 0.7.30, 0.8.1 and 1.0.1 to fix the problem. The malicious versions were published only as packages in the NPM repository. The project's Git repository on GitHub was not affected. All users who installed the problematic versions, if they find the file jsextension on Linux/macOS, or the files jsextension.exe and create.dll on Windows, are advised to consider the system compromised.
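A lockfile and file-listing check for the versions and file names listed above, as an added example that is not code from the article or from the UAParser.js project. The npm registry name "ua-parser-js", the function names and the sample data are assumptions made for this example.

```javascript
// Added example: flags the releases the article names as malicious.
// "ua-parser-js" as the registry name is an assumption; the article only says UAParser.js.
const PKG = "ua-parser-js";
const BAD = new Map([["0.7.29", "0.7.30"], ["0.8.0", "0.8.1"], ["1.0.0", "1.0.1"]]);
// File names the article lists as signs that the payload was dropped.
const IOC_FILES = new Set(["jsextension", "jsextension.exe", "create.dll"]);

// Accepts a parsed package-lock.json. Lockfile v2/v3 keeps a flat "packages"
// map keyed by install path; v1 only has nested "dependencies".
function findCompromised(lock) {
  const hits = [];
  const check = (name, where, meta) => {
    if (name === PKG && BAD.has(meta.version)) {
      hits.push({ where, version: meta.version, fixedIn: BAD.get(meta.version) });
    }
  };
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      check(path.split("node_modules/").pop(), path, meta);
    }
    return hits; // v2 also mirrors the tree in "dependencies"; avoid double counting
  }
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = trail.concat(name);
      check(name, here.join(" > "), meta);
      walk(meta.dependencies, here);
    }
  };
  walk(lock.dependencies, []);
  return hits;
}

// Filters a list of file paths (for example from a directory listing) down to
// those whose base name matches a dropped file; handles / and \ separators.
function findDroppedFiles(paths) {
  return paths.filter((p) => IOC_FILES.has(p.split(/[\\/]/).pop().toLowerCase()));
}

// Constructed sample data, not taken from any real project.
const sampleV3 = { lockfileVersion: 3, packages: {
  "": { name: "demo", version: "1.0.0" },
  "node_modules/ua-parser-js": { version: "0.7.29" },
  "node_modules/foo/node_modules/ua-parser-js": { version: "1.0.1" } } };
const sampleV1 = { lockfileVersion: 1, dependencies: {
  foo: { version: "2.0.0", dependencies: { "ua-parser-js": { version: "1.0.0" } } } } };
const samplePaths = ["/srv/app/node_modules/ua-parser-js/jsextension", "C:\\app\\create.dll", "/srv/app/index.js"];

console.log(findCompromised(sampleV3), findCompromised(sampleV1), findDroppedFiles(samplePaths));
```

To check a real project, pass the parsed contents of its package-lock.json to findCompromised; a clean lockfile does not rule out a past install, so the file-name check still applies.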

The malicious changes that were added resemble those previously proposed in the clones of UAParser.js, which appear to have been released to test functionality before launching a large-scale attack on the main project. The jsextension executable was downloaded to the user's system and launched from an external host, which was chosen depending on the user's platform, with support for Linux, macOS and Windows. On the Windows platform, in addition to the Monero cryptocurrency mining program (the XMRig miner was used), the attackers also arranged for the create.dll library to be loaded to capture passwords and send them to an external host.

The download code was added to the preinstall.sh file, which included the following insert:

    IP=$(curl -k https://freegeoip.app/xml/ | grep 'RU|UA|BY|KZ')
    if [ -z "$IP" ]
        ... download and run the executable file
    fi

As can be seen from the code, the script first checked the IP address against the freegeoip.app service and did not launch the malicious application for users from Russia, Ukraine, Belarus and Kazakhstan.

Source: opennet.ru
