Malware targeting Linux devices increased by 35% in 2021

One of the biggest lies and myths that we hear and read all the time is that "Linux has no viruses", "Linux is not a target for hackers" and other claims along the lines of "Linux is immune". This is completely false...

What we could call half truth and half lie is that Linux does not see the same volume of malware and attacks as other platforms. The reason is simple: Linux does not account for even 10% of all desktop computers on the market, so it is not profitable (so to speak) for attackers to spend a great deal of time and effort on it.

But that has not set the tone, far from it. The number of malware infections targeting Linux devices keeps growing, and in 2021 it rose by 35%, because IoT devices are repeatedly reported in DDoS (distributed denial of service) attacks.

IoT devices are typically low-powered "smart" devices that run various Linux distributions and are limited to specific functions. Even so, when their resources are combined into large groups, they can launch massive DDoS attacks, even against well-protected critical infrastructure.

In addition to DDoS, Linux IoT devices are recruited to mine cryptocurrency, facilitate spam campaigns, serve as relays, act as command-and-control servers, or serve as entry points into data networks.

A CrowdStrike report analyzing attack data from 2021 summarizes the following:

  • In 2021, there was a 35% increase in malware targeting Linux systems compared with 2020.
  • XorDDoS, Mirai, and Mozi were the most prevalent families, accounting for 22% of all Linux-targeted malware attacks observed in 2021.
  • Mozi, in particular, saw explosive growth in activity, with ten times as many samples circulating in the past year as in the previous year.
  • XorDDoS also saw a notable year-over-year increase of 123%.

In addition, it provides a brief general description of the malware:

  • XorDDoS: a versatile Linux Trojan that works across multiple Linux system architectures, from ARM (IoT) to x64 (servers). It uses XOR encryption for C2 communications, hence its name. When attacking IoT devices, XorDDoS brute-forces vulnerable devices over SSH. On Linux machines, it uses port 2375 to gain passwordless root access to the host. A notable case of the malware's distribution was seen in 2021, after a Chinese threat actor known as "Winnti" was observed deploying it together with other spin-off botnets.
  • Mozi: a P2P (peer-to-peer) botnet that relies on the Distributed Hash Table (DHT) lookup system to hide suspicious C2 communications from network monitoring solutions. This botnet has been around for a long time, continually adding new vulnerabilities and expanding its reach.
  • Mirai: a notorious botnet that has spawned many forks because its source code is publicly available, and it continues to plague the IoT world. The various derivatives implement different C2 communication protocols, but all of them typically abuse weak credentials to force their way into devices.
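
A defender-side check for the SSH password guessing that the XorDDoS and Mirai descriptions above mention, written as an added example (it is not code from CrowdStrike's report or from this article). The log lines, addresses, threshold and window are constructed assumptions in the common OpenSSH syslog format.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd log lines (documentation IP ranges), not taken from the report.
SAMPLE_LOG = """\
Jan 10 03:14:01 iot-gw sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jan 10 03:14:03 iot-gw sshd[813]: Failed password for admin from 203.0.113.7 port 40120 ssh2
Jan 10 03:14:05 iot-gw sshd[815]: Failed password for invalid user ubnt from 203.0.113.7 port 40131 ssh2
Jan 10 03:14:08 iot-gw sshd[817]: Failed password for root from 203.0.113.7 port 40140 ssh2
Jan 10 03:14:11 iot-gw sshd[819]: Accepted password for root from 203.0.113.7 port 40155 ssh2
Jan 10 09:30:00 iot-gw sshd[901]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Jan 10 09:30:20 iot-gw sshd[903]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def detect_bruteforce(log_text, threshold=4, window=timedelta(seconds=60)):
    """Return {ip: {"users": set, "compromised": bool}} for sources that reach
    `threshold` failed logins inside `window`; "compromised" is True when a
    successful password login from the same source follows the burst."""
    failures = defaultdict(list)   # ip -> [(time, user)] still inside the window
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year; a fixed leap year keeps Feb 29 parseable.
        ts = datetime.strptime("2020 " + m["ts"], "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        if m["result"] == "Failed":
            recent = [(t, u) for t, u in failures[ip] if ts - t <= window]
            recent.append((ts, m["user"]))
            failures[ip] = recent
            if len(recent) >= threshold:
                entry = alerts.setdefault(ip, {"users": set(), "compromised": False})
                entry["users"].update(u for _, u in recent)
        elif ip in alerts:
            # A password login accepted after a flagged burst: treat as an incident.
            alerts[ip]["compromised"] = True
    return alerts
```

A source flagged with `compromised` set is the case to escalate first: the guessing succeeded, so the device should be isolated and its credentials rotated rather than just rate-limited.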

Several notable Mirai variants were covered in 2021, such as "Dark Mirai," which focuses on home routers, and "Moobot," which targets cameras.

"Some of the most prevalent variants tracked by CrowdStrike researchers include Sora, IZIH9, and Rekai," CrowdStrike researcher Mihai Maganu explains in the report. "Compared to 2020, the number of samples identified for these three variants increased by 33%, 39%, and 83%, respectively, in 2021."

CrowdStrike's findings are not surprising, since they confirm an ongoing trend that has emerged over previous years. For example, an Intezer report looking at 2020 statistics found that Linux malware families grew by 40% in 2020 compared with the previous year.

In the first six months of 2020, there was a sharp 500% increase in Golang malware, showing that malware authors are looking for ways to make their code run on multiple platforms.

This trend, together with the widening scope of targets, has already been confirmed in cases in early 2022 and is expected to continue unabated.

Source: https://www.crowdstrike.com/


  1.   Zentoles said

    The difference is that a zero-day on Linux is usually patched in less than a week (at most), while on Windows some are never fixed.
    The difference is that Linux's architecture and permission system make it much harder to obtain elevated privileges from a user account...
    And the difference is that most of this work is done by open-source volunteers and not by large corporations that create proprietary code to hide from us what is happening underneath. Open source is easily auditable.
    But hey, you're right about one thing: if your user base grows, the tools to attack them and look for vulnerabilities will increase if you can get an economic return from it.
    So it's good news that Linux malware is increasing. :)

    1.    Nasher_87 (ARG) said

      And in IoT it will be 100% the manufacturer's fault; the patch for many Xiaomi routers that use OpenWRT was released 2 days after they were infected by Mirai, and Xiaomi was updated every week. Many others, like TP-Link, which also uses OpenWRT, were never updated.
      To this day there are washing machines infected by Mirai that have not been updated; it is just a patch that they have to release.
      As happened with HP servers, they never patched Java, and it was a covered vulnerability 2 years ago.