Malicious code found in exploits hosted on GitHub


The way malicious code is delivered keeps evolving, reusing old methods and refining how victims are deceived.

The Trojan horse idea is evidently still useful today, and in ways so subtle that many of us can overlook them. Researchers from Leiden University (The Netherlands) recently studied the problem of fake exploit prototypes being published on GitHub.

The idea is to use these prototypes to attack curious users who want to test and learn how certain vulnerabilities can be exploited with the tools on offer. That makes this kind of situation ideal for delivering malicious code to those users.

According to the study, a total of 47,313 exploit repositories were analyzed, covering known vulnerabilities identified from 2017 to 2021. The analysis of the exploits showed that 4893 (10.3%) of them contain code that performs malicious actions.

That is why users who decide to use published exploits are advised to examine them first, looking for suspicious insertions, and to run exploits only on virtual machines isolated from the main system.

Proof-of-concept (PoC) exploits for known vulnerabilities are widely shared in the security community. They help security analysts learn from one another and facilitate security assessments and red teaming.

Over the past few years, it has become popular to distribute PoCs, for example through websites and platforms, and also through public code repositories such as GitHub. However, public code repositories give no guarantee that any given PoC comes from a trusted source or that it does exactly what it is supposed to do.

In this paper, we investigate PoCs shared on GitHub for known vulnerabilities discovered in 2017-2021. We found that not all PoCs are trustworthy.

Regarding the problem, two main categories of malicious exploits were identified: exploits containing malicious code, for example to backdoor the system, download a Trojan, or connect the machine to a botnet, and exploits that collect and send confidential information about the user.

In addition, a separate class of harmless fake exploits was identified. These do not perform malicious actions, but they do not contain the expected functionality either; for example, they are designed to trick or warn users who run unverified code from the network.

Some proofs of concept are fake (that is, they do not actually provide PoC functionality), or even malicious: for example, they try to exfiltrate data from the system they are running on, or try to install malware on that system.

To address this issue, we have proposed an approach to detect whether a PoC is malicious. Our approach relies on detecting the symptoms we observed in the collected data set, for example, calls to malicious IP addresses, encrypted code, or included trojanized binaries.

Using this approach, we found 4893 malicious repositories out of 47313 repositories that were downloaded and checked (that is, 10.3% of the repositories studied contain malicious code). This figure shows a worrying prevalence of dangerous malicious PoCs among the exploit code distributed on GitHub.

Several different checks were used to detect malicious exploits:

  • The exploit code was analyzed for hard-coded public IP addresses, after which the addresses found were checked against blacklist databases of hosts used to control botnets and distribute malicious files.
  • Exploits provided in compiled form were checked with antivirus software.
  • Atypical hexadecimal dumps or base64-encoded insertions were looked for in the code, after which those insertions were decoded and studied.
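
A minimal sketch of the first and third checks above (hard-coded public IPs, then decoding base64 and hex-escaped insertions and checking what they contain). This is an added example, not the researchers' tooling; the function names, blocklist and sample text are constructed, and RFC 5737 documentation addresses stand in for real hosts.

```python
import base64, binascii, ipaddress, re

IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
B64_RE = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")    # long base64-looking runs
HEX_RE = re.compile(r"(?:\\x[0-9a-fA-F]{2}){16,}")  # long hex-escaped dumps
# Ranges that cannot be a public host; every other address is reported.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16")]

def public_ips(text):
    """Return hard-coded IPv4 addresses in text that are not internal."""
    found = set()
    for candidate in IP_RE.findall(text):
        try:
            ip = ipaddress.ip_address(candidate)
        except ValueError:  # looks like an address but is not one, e.g. 999.1.1.1
            continue
        if not any(ip in net for net in INTERNAL):
            found.add(str(ip))
    return found

def decode_blobs(text):
    """Decode base64 and hex-escaped insertions so their content can be reviewed."""
    decoded = []
    for blob in B64_RE.findall(text):
        try:
            decoded.append(base64.b64decode(blob, validate=True).decode("latin-1"))
        except (binascii.Error, ValueError):  # long token that is not base64
            pass
    for blob in HEX_RE.findall(text):
        decoded.append(bytes.fromhex(blob.replace("\\x", "")).decode("latin-1"))
    return decoded

def triage(source, blocklist):
    """Report public IPs in the source and inside every decoded insertion."""
    layers = [("source", source)] + [("decoded", d) for d in decode_blobs(source)]
    findings = []
    for where, text in layers:
        for ip in sorted(public_ips(text)):
            kind = "blocklisted-ip" if ip in blocklist else "public-ip"
            findings.append((kind, where, ip))
    return findings

# Constructed sample input and blocklist (illustrative values only).
BLOCKLIST = {"198.51.100.23"}
HIDDEN = b'callback = "198.51.100.23:8080"  # constructed placeholder'
SAMPLE = ('target = "192.168.1.10"\nmirror = "203.0.113.7"\n'
          'blob = "' + base64.b64encode(HIDDEN).decode() + '"\n')

if __name__ == "__main__":
    for finding in triage(SAMPLE, BLOCKLIST):
        print(finding)
```

The blocklisted address in the sample is only visible after the insertion is decoded, which is why the decoded layers are scanned as well as the plain source.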

Users who want to run tests on their own are also advised to prefer sources such as Exploit-DB, since these try to validate the effectiveness and legitimacy of PoCs. By contrast, public code on platforms such as GitHub goes through no exploit verification process.

Finally, if you are interested in learning more about it, you can consult the details of the study in the following file, whose link I share.

