In a recent disclosure, security researchers have uncovered a sophisticated backdoor targeting macOS named RustDoor, also identified as Trojan.MAC.RustDoor. Active since November 2023, this malicious software, discovered by Bitdefender, disguises itself as a Microsoft Visual Studio update and poses a significant risk to users on both Intel and Arm architectures. This article examines the details of RustDoor, covering its capabilities, its impact, and its dangerous connection to notorious ransomware groups.
A Look at the RustDoor macOS Backdoor, aka Trojan.MAC.RustDoor
RustDoor's distribution method remains unclear, with initial findings suggesting that it is spread as FAT binaries containing Mach-O files. What heightens concern is the detection of multiple variants of the malware, which points to ongoing development. With the earliest known sample dating back to November 2, 2023, the threat is both persistent and evolving.
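A triage sketch for the FAT binaries mentioned above, added here as an example (not code from this article or from Bitdefender): it parses a universal binary header and lists the architecture slices, so an analyst can confirm that a sample carries both Intel and Arm Mach-O files. The function names, the 30-slice cap and the sample bytes are assumptions constructed for illustration.

```python
import struct

FAT_MAGIC = 0xCAFEBABE  # 32-bit universal (FAT) header, stored big-endian
CPU_TYPES = {0x01000007: "x86_64", 0x0100000C: "arm64"}
# Thin Mach-O magics as they appear in the first 4 bytes of each slice
MACHO_MAGICS = {b"\xcf\xfa\xed\xfe": "64-bit LE", b"\xce\xfa\xed\xfe": "32-bit LE",
                b"\xfe\xed\xfa\xcf": "64-bit BE", b"\xfe\xed\xfa\xce": "32-bit BE"}

def parse_fat(data: bytes):
    """Return one dict per architecture slice of a FAT (universal) binary."""
    if len(data) < 8:
        raise ValueError("too short for a fat_header")
    magic, nfat = struct.unpack_from(">II", data, 0)
    if magic != FAT_MAGIC:
        raise ValueError("not a 32-bit FAT binary")
    # Java .class files share this magic; their second word is a version
    # number (45 or more), so cap the slice count (heuristic, assumed 30).
    if nfat == 0 or nfat > 30:
        raise ValueError("implausible slice count %d" % nfat)
    if 8 + 20 * nfat > len(data):
        raise ValueError("truncated fat_arch table")
    slices = []
    for i in range(nfat):
        # fat_arch: cputype, cpusubtype, offset, size, align (all big-endian)
        cputype, _sub, offset, size, _align = struct.unpack_from(">IIIII", data, 8 + 20 * i)
        in_bounds = offset + size <= len(data)
        head = data[offset:offset + 4] if in_bounds else b""
        slices.append({"arch": CPU_TYPES.get(cputype, hex(cputype)),
                       "offset": offset, "size": size,
                       "in_bounds": in_bounds,             # False: truncated or malformed
                       "macho": MACHO_MAGICS.get(head)})   # None: slice is not Mach-O
    return slices

def build_sample() -> bytes:
    """Constructed two-slice sample (stub bytes, not a real binary)."""
    stub = b"\xcf\xfa\xed\xfe" + b"\x00" * 28
    hdr = struct.pack(">II", FAT_MAGIC, 2)
    hdr += struct.pack(">IIIII", 0x01000007, 3, 64, len(stub), 6)
    hdr += struct.pack(">IIIII", 0x0100000C, 0, 128, len(stub), 6)
    blob = bytearray(160)
    blob[:len(hdr)] = hdr
    blob[64:96] = stub
    blob[128:160] = stub
    return bytes(blob)

if __name__ == "__main__":
    for s in parse_fat(build_sample()):
        print(s)
```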
Equipped with a diverse set of commands, RustDoor enables threat actors to harvest sensitive data, upload files, and gather information about compromised systems. Some iterations of the malware include configuration options that specify the data to collect, the targeted file extensions, the directories to monitor, and the directories to exclude. The stolen data is then sent to a command-and-control (C2) server, suggesting an organized cybercriminal operation.
Multiple Versions of RustDoor Exist
This backdoor exists in several iterations that share the same core functionality with minor variations. It is written in Rust, and analysis of the binaries reveals the names of the original source files. Rust's distinctive syntax poses challenges for security researchers, giving malware authors a tactical advantage in evading detection and in-depth analysis.
Bitdefender raises a possible link between RustDoor and notorious ransomware families such as Black Basta and BlackCat, citing similarities in C2 infrastructure. The latter, written in Rust, gained notoriety for pioneering the public leaks business model before being dismantled by the US government in December 2023. Security researcher Andrei Lapusneanu highlights the evolving landscape of ransomware threats, stressing the need for heightened vigilance and cybersecurity measures among macOS users.
Implications and the Future Risk Landscape
The discovery of RustDoor underscores the evolving tactics used by cybercriminals, particularly those connected to ransomware operations. The potential for data theft and system compromise calls for a proactive approach from users and organizations alike. Understanding the implications and adopting stringent security practices is essential to mitigating the risks associated with such sophisticated threats.
Best Practices for Preventing Future Infections
- Regular Software Updates: Keep your operating system and software up to date so that vulnerabilities are patched promptly.
- User Education: Educate users about phishing threats and the importance of avoiding suspicious downloads.
- Network Monitoring: Use robust network monitoring to detect and block malicious activity.
- Behavioral Analysis: Use security solutions that employ behavioral analysis to detect anomalous activity.
- Incident Response Planning: Develop and rehearse an incident response plan to minimize the impact of potential breaches.
Conclusion
The discovery of RustDoor serves as a stark reminder of the ever-evolving nature of cybersecurity threats. Heightened awareness, continuous monitoring, and the adoption of proactive security measures are required to navigate the complex landscape of sophisticated backdoors and their potential ties to ransomware operations.