Malware targeting Linux devices increased by 35% in 2021

One of the biggest lies and myths that we hear and read again and again is that "Linux has no viruses", "Linux is not a target for hackers" and other claims along the lines of "Linux is immune", which is completely false ...

What we could call half true and half false is that Linux does not see the same amount of malware and hacker attacks. The reason is simple: Linux does not represent even 10% of all desktop computers on the market, so it is not profitable (so to speak) to spend a lot of time and effort on it.

But far from it, that has not set the tone: the number of malware infections targeting Linux devices keeps growing. In 2021 the number rose by 35%, because IoT devices are increasingly reported as being used for DDoS (distributed denial of service) attacks.

IoT devices are usually low-powered "smart" devices that run various Linux distributions and are limited to specific functions. Even so, when their resources are pooled into large groups, they can launch massive DDoS attacks even against well-protected infrastructure.

Besides DDoS, Linux IoT devices are recruited to mine cryptocurrency, facilitate spam campaigns, act as relays, act as command and control servers, or even act as entry points into data networks.

A CrowdStrike report analyzing attack data from 2021 summarizes the following:

  • In 2021, there was a 35% increase in malware targeting Linux systems compared to 2020.
  • XorDDoS, Mirai, and Mozi were the most prevalent families, accounting for 22% of all Linux-targeted malware attacks observed in 2021.
  • Mozi, in particular, saw explosive growth in activity, with ten times more samples circulating last year compared to the year before.
  • XorDDoS also saw a 123% year-over-year increase.

In addition, it gives a brief general description of the malware:

  • XorDDoS: a versatile Linux trojan that runs on multiple Linux system architectures, from ARM (IoT) to x64 (servers). It uses XOR encryption for C2 communications, hence its name. When attacking IoT devices, XorDDoS brute-forces vulnerable devices via SSH. On Linux machines, it uses port 2375 to gain passwordless root access to the host. A notable case of the malware's distribution came to light in 2021, after a Chinese threat actor known as "Winnti" was seen deploying it together with other derivative botnets.
  • Mozi: a P2P (peer-to-peer) botnet that relies on the Distributed Hash Table (DHT) lookup system to hide suspicious C2 communications from network traffic monitoring solutions. This particular botnet has been around for some time, continually adding new vulnerabilities and expanding its reach.
  • Mirai: a notorious botnet that has spawned many forks because its source code is publicly available, and it continues to plague the IoT world. The various derivatives implement different C2 communication protocols, but all of them often abuse weak credentials to force their way into devices.
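
The XorDDoS entry above names two network entry points: SSH and port 2375 (conventionally the unencrypted, unauthenticated Docker Engine API port, a detail added here and not stated in the article). The following is an added example, not code from the article or from CrowdStrike: it parses the `/proc/net/tcp` format and reports those services when they listen on a non-loopback address. The sample table is constructed, and the decoder assumes a little-endian host and IPv4 only.

```python
import socket
import struct

# Ports the article ties to XorDDoS: SSH (brute force) and 2375, the
# conventional plaintext Docker Engine API port (assumption added here).
WATCHED = {22: "SSH", 2375: "Docker API (plaintext)"}
TCP_LISTEN = "0A"  # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp format (not taken from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1
   1: 00000000:0947 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002 1
   2: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20003 1
   3: 0100007F:0016 0100007F:C350 01 00000000:00000000 00:00000000 00000000     0        0 20004 1
"""


def parse_listeners(text):
    """Yield (ip, port) for every IPv4 socket in LISTEN state."""
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue  # established or closing sockets are not listeners
        hex_ip, hex_port = fields[1].split(":")
        # The kernel prints the address as a host-endian 32-bit hex value.
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        yield ip, int(hex_port, 16)


def exposed_services(text):
    """Return watched ports that listen on a non-loopback address."""
    findings = []
    for ip, port in parse_listeners(text):
        if port in WATCHED and not ip.startswith("127."):
            findings.append((ip, port, WATCHED[port]))
    return sorted(findings)


if __name__ == "__main__":
    for ip, port, name in exposed_services(SAMPLE):
        print(f"exposed: {name} on {ip}:{port}")
```

On a real host, pass the contents of `/proc/net/tcp` instead of `SAMPLE`; IPv6 listeners live in `/proc/net/tcp6`, which this example does not parse.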

Several notable Mirai variants were covered in 2021, such as "Dark Mirai," which focuses on home routers, and "Moobot," which targets cameras.

"Some of the most prevalent variants tracked by CrowdStrike researchers include Sora, IZIH9, and Rekai," CrowdStrike researcher Mihai Maganu explains in the report. "Compared to 2020, the number of samples identified for these three variants increased by 33%, 39%, and 83%, respectively, in 2021."

CrowdStrike's findings are not surprising, since they confirm a continuing trend that emerged in previous years. For example, an Intezer report looking at 2020 statistics found that Linux malware families grew by 40% in 2020 compared to the previous year.

In the first six months of 2020, there was a 500% increase in Golang malware, which shows that malware authors are looking for ways to make their code run on multiple platforms.

This programming, and by extension the targeting trend, has already been confirmed in cases in early 2022 and is expected to continue unabated.

Source: https://www.crowdstrike.com/



  1.   Zentoles m

    The difference is that a zero-day on Linux is usually patched in less than a week (at least) and on Windows some are never resolved.
    The difference is that the architecture and permission system of Linux make it much harder to obtain elevated permissions from a user account...
    And the big difference is that most of this work is done by open source volunteers and not by large corporations that create proprietary code to hide from us what is going on underneath. Open source is easily auditable.
    But hey, you are right about one thing: if your users increase, the resources to attack them and find vulnerabilities will increase if an economic return can be obtained from it.
    So it is good news that Linux malware is on the rise. :)

    1.    Nasher_87 (ARG) m

      And in IoT it will be 100% the manufacturer's fault; the patch for many Xiaomi routers that use OpenWRT was released 2 days after the Mirai infection, Xiaomi updates every week. Many others like TP-Link that also use OpenWRT were never updated.
      To this day there are washing machines infected by Mirai that have not been updated, when it is only a patch that they have to release.
      As happened with HP servers, they never used Java and it is a vulnerability that was closed 2 years ago.