In the ever-evolving landscape of cybersecurity threats, the emergence of GoBear, a sophisticated backdoor malware, has raised significant concern among security professionals. Written in the Go language and signed with a D2innovation Co., LTD certificate, GoBear operates as a stealthy threat capable of executing malicious commands, stealing data, and giving malicious actors remote control. This article examines GoBear's details, behavior, and consequences, and provides a comprehensive guide to its removal and prevention.
GoBear Malware Overview
GoBear, known as a backdoor malware, distinguishes itself by using the Go language and carrying a legitimate D2innovation Co., LTD certificate. The legitimacy of this certificate adds a layer of complexity, suggesting that it may have been stolen or used without authorization.
The malware operates by executing malicious commands received from a Command and Control (C&C) server, allowing attackers to establish persistent access to the infected system. GoBear goes further by incorporating SOCKS5 proxy functionality, which extends its capabilities and can support covert communication or obscure the attacker's activities.
Behavior and Consequences
- Data theft: GoBear uses commands similar to those of the BetaSeed malware, aiming to steal data from the victim's system. This can include sensitive information, login credentials, and proprietary business data.
- Remote control: GoBear's backdoor nature gives attackers remote control over the infected device and the ability to manipulate it. This can include installing additional malware, conducting reconnaissance, or launching other malicious activities.
- SOCKS5 proxy integration: The inclusion of SOCKS5 proxy functionality indicates the potential for evading detection, routing malicious traffic through intermediary servers, and obscuring the attacker's activities.
Detection Names and Similar Threats
GoBear has been detected by various security software under names such as Win64:Evo-gen [Trj], Gen:Variant.Lazy.459270, A Variant Of Win32/GenCBL.EKB, Trojan.Win32.SelfDel.imwn, and Trojan:Win64/SelfDel!MTB. Notably, it shares the D2innovation Co., LTD certificate with another known malware called Troll.
Removal Guide
To eliminate the GoBear malware from your Windows system, follow this comprehensive removal guide:
- Manual removal:
  - Identify and terminate suspicious processes using Task Manager.
  - Locate and delete malicious files associated with GoBear.
  - Remove registry entries linked to the malware using Registry Editor.
- Network analysis: Perform network analysis to detect and block communication with C&C servers.
- Security tool scan: Use a reputable antivirus or anti-malware product to run a thorough scan that detects and removes any remaining traces of GoBear.
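One way to support the process, file, and network steps above is to triage by the code-signing publisher the article names. This PowerShell script is an added example, not part of the original article; the parameter names, the helper `Get-SignerInfo`, and the scan locations are assumptions.

```powershell
# Added example: triage leads by Authenticode signer, then list their network peers.
# A match is a lead to investigate, not proof of GoBear: the article says the
# certificate is genuine, so the publisher's legitimate software would match too.
param(
    [string]$SignerPattern = 'D2innovation',   # publisher name from the article
    # Assumed scan locations; adjust for your environment.
    [string[]]$ScanRoots = @($env:ProgramData, $env:APPDATA, $env:LOCALAPPDATA, $env:TEMP)
)

function Get-SignerInfo {
    param([string]$Path)
    $sig = Get-AuthenticodeSignature -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $sig -or $null -eq $sig.SignerCertificate) { return }
    if ($sig.SignerCertificate.Subject -notmatch [regex]::Escape($SignerPattern)) { return }
    [pscustomobject]@{
        Path       = $Path
        Subject    = $sig.SignerCertificate.Subject
        Thumbprint = $sig.SignerCertificate.Thumbprint
        Status     = $sig.Status    # Valid, NotTrusted, HashMismatch, ...
        SHA256     = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    }
}

# 1. Running processes: check each distinct image path once.
$procHits = Get-CimInstance Win32_Process |
    Where-Object { $_.ExecutablePath } |
    Group-Object ExecutablePath |
    ForEach-Object {
        $info = Get-SignerInfo -Path $_.Name
        if ($info) {
            $info | Add-Member -NotePropertyName ProcessIds -NotePropertyValue @($_.Group.ProcessId) -PassThru
        }
    }

# 2. Executables on disk under the scan roots (catches samples that are not running).
$roots = $ScanRoots | Where-Object { $_ -and (Test-Path -LiteralPath $_) }
$fileHits = Get-ChildItem -Path $roots -Recurse -File -Include *.exe, *.dll -ErrorAction SilentlyContinue |
    ForEach-Object { Get-SignerInfo -Path $_.FullName }

# 3. Remote endpoints of matching processes, as input for C&C blocking.
$netHits = foreach ($hit in $procHits) {
    Get-NetTCPConnection -OwningProcess $hit.ProcessIds -State Established -ErrorAction SilentlyContinue |
        Select-Object OwningProcess, RemoteAddress, RemotePort
}

$procHits | Format-List
$fileHits | Format-List
$netHits  | Sort-Object RemoteAddress, RemotePort -Unique | Format-Table
```

Run it from an elevated prompt so image paths of other users' processes resolve, and record the SHA256 and thumbprint values before deleting anything.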
Prevention Measures
- Software updates: Regularly update your operating system, software, and security tools to patch vulnerabilities.
- Email security: Be cautious with email attachments, especially those from unknown or suspicious sources.
- Unsafe browsing habits: Avoid visiting compromised websites, clicking malicious ads, or downloading software from untrusted sources.
- User privileges: Restrict user privileges to reduce the impact a malware infection can have.
Conclusion
GoBear stands as a formidable threat in the cyberattack landscape, using advanced techniques to compromise systems and steal sensitive information. Understanding its behavior and consequences, and implementing strong security measures, are essential steps in defending against this and similar threats. Stay informed, stay vigilant, and prioritize cybersecurity to protect your digital environment from malware threats like GoBear.