I-Ake Security Company mayelana nokukhomba ku-Google Chrome, ithumela idatha yomsebenzisi eyimfihlo kumaseva angaphandle. Izengezo ziphinde zaba nokufinyelela ekuthatheni izithombe-skrini, ukufunda okuqukethwe ebhodini lokunamathisela, ukuhlaziya ukuba khona kwamathokheni okufinyelela kuma-Cookies, kanye nokubamba okokufaka kumafomu ewebhu. Sekukonke, izengezo ezinonya ezikhonjiwe zenze ingqikithi yokulandwa kwezigidi ezingu-32.9 eSitolo Sewebhu Se-Chrome, futhi edume kakhulu (Isiphathi Sosesho) ilandwe izikhathi eziyizigidi ezingu-10 futhi ihlanganisa izibuyekezo eziyizinkulungwane ezingu-22.
Kucatshangwa ukuthi zonke izengezo ezicatshangelwe zalungiswa yiqembu elilodwa labahlaseli, ngoba kuzo zonke uhlelo olujwayelekile lokusabalalisa nokuhlela ukuthunjwa kwedatha eyimfihlo, kanye nezici zedizayini ezijwayelekile kanye nekhodi ephindaphindiwe. anekhodi engalungile abekwe kukhathalogi yeSitolo se-Chrome futhi asevele asuswa ngemva kokuthumela isaziso mayelana nomsebenzi ongalungile. Izengezo eziningi ezinonya zikopishe ukusebenza kwezengezo ezahlukahlukene ezidumile, okuhlanganisa nalezo ezihloselwe ukuhlinzeka ngokuvikeleka okwengeziwe kwesiphequluli, ukwandisa ubumfihlo bosesho, ukuguqulwa kwe-PDF, nokuguqulwa kwefomethi.
Onjiniyela bezengezo baqale bathumele inguqulo ehlanzekile ngaphandle kwekhodi enonya Esitolo se-Chrome, babuyekezwa ngontanga, base bengeza izinguquko kwesinye sezibuyekezo ezilayishe ikhodi enonya ngemva kokufakwa. Ukuze kufihlwe imikhondo yemisebenzi enonya, indlela yokusabela ekhethiwe nayo yasetshenziswa - isicelo sokuqala sibuyise ukulanda okunonya, futhi izicelo ezalandela zabuyisela idatha esolisayo.
Izindlela eziyinhloko okusabalala ngazo izengezo ezinonya ziwukuphromotha amasayithi abukeka ephrofeshinali (njengasesithombeni esingezansi) nokubekwa eSitolo Sewebhu Se-Chrome, ukweqa izindlela zokuqinisekisa zokulandwa okulandelayo kwekhodi kumasayithi angaphandle. Ukuze weqe imikhawulo ekufakeni izengezo kuphela eSitolo Sewebhu Se-Chrome, abahlaseli basabalalisa ama-assemblies ahlukene e-Chromium anezengezo ezifakwe ngaphambili, futhi bazifaka ngezinhlelo zokusebenza zokukhangisa (i-Adware) esezivele zikhona ohlelweni. Abacwaningi bahlaziye amanethiwekhi angu-100 ezinkampani zezimali, abezindaba, ezokwelapha, ezemithi, zikawoyela negesi kanye nezohwebo, kanye nezikhungo zemfundo nezikahulumeni, futhi bathola iminonjana yokuba khona kwezengezo ezinonya cishe kuzo zonke.
Phakathi nomkhankaso wokusabalalisa izengezo ezinonya, ngaphezu kwalokho , ephambana namasayithi adumile (isibonelo, i-gmail.com, youtubeunblocked.net, njll.) noma ebhaliswe ngemva kokuphela kwesikhathi sokuvuselela ezizindeni ezikhona ngaphambilini. Lezi zizinda ziphinde zasetshenziswa kungqalasizinda yokuphatha umsebenzi onobungozi kanye nokulanda okufakiwe kwe-JavaScript okunonya okusetshenziswe kumongo wamakhasi avulwe umsebenzisi.
Abacwaningi basole itulo nombhalisi wesizinda se-Galcomm, lapho kwabhaliswa khona izizinda eziyizinkulungwane eziyi-15 zemisebenzi enonya (60% yazo zonke izizinda ezikhishwe yilo bhalisi), kodwa abamele i-Galcomm Lokhu kucabangela kubonise ukuthi u-25% wezizinda ezisohlwini sezivele zisusiwe noma azizange zikhishwe i-Galcomm, kanti okunye, cishe zonke izizinda ezipakiwe ezingasebenzi. Abamele i-Galcomm baphinde babika ukuthi akekho oxhumane nabo ngaphambi kokudalulwa komphakathi kombiko, futhi bathole uhlu lwezizinda ezisetshenziselwa izinjongo ezinonya oluvela enkampanini yangaphandle futhi manje benza ukuhlaziya kwabo kuzo.
Abacwaningi abahlonze inkinga baqhathanisa izengezo ezinonya ne-rootkit entsha - umsebenzi oyinhloko wabasebenzisi abaningi wenziwa ngesiphequluli, lapho befinyelela khona ukugcinwa kwamadokhumenti okwabelwana ngawo, izinhlelo zolwazi lwezinkampani kanye nezinsizakalo zezezimali. Ezimweni ezinjalo, akwenzi mqondo ukuthi abahlaseli babheke izindlela zokufaka engozini ngokuphelele isistimu yokusebenza ukuze bafake i-rootkit egcwele - kulula kakhulu ukufaka isengezo sesiphequluli esinonya futhi ulawule ukugeleza kwedatha eyimfihlo ngokusebenzisa. yona. Ngokungeziwe ekwengameleni idatha yezokuthutha, isengezo singacela izimvume zokufinyelela idatha yendawo, ikhamera yewebhu, noma indawo. Njengoba umkhuba ubonisa, abasebenzisi abaningi abazinaki izimvume eziceliwe, futhi u-80% wezengezo ezidumile ezingu-1000 ucela ukufinyelela kudatha yawo wonke amakhasi asetshenziwe.
Source: opennet.ru