In the ever-evolving landscape of cybersecurity threats, the emergence of GoBear, a backdoor malware, has raised significant concern among security experts. Written in the Go language and signed with a legitimate certificate from D2innovation Co.,LTD, GoBear operates as a stealthy threat capable of executing malicious commands, stealing data, and facilitating remote control by malicious actors. This article examines the details of GoBear, its actions and consequences, and provides a comprehensive guide to its removal and prevention.
GoBear Malware Overview
GoBear, identified as a backdoor malware, distinguishes itself by using the Go language and by carrying a genuine D2innovation Co.,LTD certificate. This authentic certificate adds a layer of complexity, pointing to possible theft or unauthorized use.
The malware operates by executing malicious commands received from a Command and Control (C&C) server, allowing attackers to gain persistent access to the infected system. GoBear goes further by integrating SOCKS5 proxy functionality, which enhances its capabilities and gives it the potential to facilitate covert communication or anonymize the attacker's activities.
Actions and Consequences
- Data Theft: GoBear executes commands similar to those of the BetaSeed malware, aimed at stealing data from the victim's system. This may include sensitive information, login credentials, and proprietary business data.
- Remote Control: GoBear's backdoor nature allows attackers to remotely control and manipulate the infected device. This may include installing additional malware, carrying out reconnaissance activities, or launching other malicious actions.
- SOCKS5 Proxy Integration: The inclusion of SOCKS5 proxy functionality suggests the ability to evade detection, route malicious traffic through intermediary servers, and anonymize the attacker's activities.
Detection Names and Similar Threats
GoBear is detected by various security software under names such as Win64:Evo-gen [Trj], Gen:Variant.Lazy.459270, A Variant Of Win32/GenCBL.EKB, Trojan.Win32.SelfDel.imwn, and Trojan:Win64 /SelfDel!MTB. Notably, it shares the D2innovation Co.,LTD certificate with another malware known as Troll.
Removal Guide
To remove the GoBear malware from your Windows system, follow this comprehensive removal guide:
- Manual Removal:
  - Identify and terminate suspicious processes using Task Manager.
  - Locate and delete malicious files associated with GoBear.
  - Remove registry entries linked to the malware using Registry Editor.
- Network Analysis: Perform network analysis to identify and block communication with the C&C server.
- Security Software Scan: Run a full scan with reputable antivirus or anti-malware software to detect and remove any remaining traces of GoBear.
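Since the article ties GoBear to a D2innovation Co.,LTD signing certificate, the file-location step can be supported by listing executables whose Authenticode signer carries that name. The following is an added example, not part of the original article; the function name `Find-FilesBySigner` and the default search roots are assumptions, and each hit is a lead to triage rather than a confirmed detection.

```powershell
# Added example: list PE files whose Authenticode signer subject matches the
# certificate name mentioned in the article. The function name and the search
# roots below are assumptions chosen for illustration.
function Find-FilesBySigner {
    [CmdletBinding()]
    param(
        [string[]]$Root = @($env:ProgramData, $env:APPDATA, $env:LOCALAPPDATA, $env:TEMP),
        [string]$SignerPattern = 'D2innovation'
    )

    $extensions = '.exe', '.dll', '.sys', '.scr'

    foreach ($dir in $Root) {
        if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }

        Get-ChildItem -LiteralPath $dir -Recurse -File -Force -ErrorAction SilentlyContinue |
            Where-Object { $extensions -contains $_.Extension.ToLowerInvariant() } |
            ForEach-Object {
                $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
                # Unsigned files have no signer certificate; skip them.
                $cert = if ($sig) { $sig.SignerCertificate } else { $null }

                if ($cert -and $cert.Subject -match [regex]::Escape($SignerPattern)) {
                    [pscustomobject]@{
                        Path       = $_.FullName
                        Subject    = $cert.Subject
                        Thumbprint = $cert.Thumbprint
                        NotAfter   = $cert.NotAfter
                        # Status can read "Valid": the article describes the
                        # certificate as genuine, so a good signature does not
                        # clear the file.
                        Status     = $sig.Status
                        SHA256     = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                        Modified   = $_.LastWriteTimeUtc
                    }
                }
            }
    }
}

# Newest matches first, for review before anything is deleted.
Find-FilesBySigner | Sort-Object Modified -Descending | Format-List
```

Pass `-Root C:\` from an elevated session to widen the search; the recorded SHA256 and thumbprint can then be checked against your security product's verdicts.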
Preventive Measures
- Software Updates: Regularly update your operating system, software, and security tools to patch vulnerabilities.
- Email Vigilance: Be cautious with email attachments, especially those from unknown or suspicious sources.
- Safe Browsing Practices: Avoid visiting compromised websites, clicking on malicious advertisements, or downloading software from untrusted sources.
- User Privileges: Limit user privileges to reduce the impact of potential malware infections.
Conclusion
GoBear stands as a significant threat in the cyberattack landscape, using advanced techniques to compromise systems and steal sensitive information. Understanding its actions and consequences and implementing robust security practices are important steps in defending against this and similar threats. Stay informed, stay vigilant, and prioritize cybersecurity to protect your digital environment from emerging malware threats like GoBear.