Esambulweni esiphathelene nesambulo, abacwaningi bezokuphepha bathole i-backdoor egxile kakhulu kuma-macOS ebizwa ngokuthi i-RustDoor, ephinde ikhonjwe njenge-Trojan.MAC.RustDoor. Isebenza kusukela ngoNovemba 2023, le software enonya, etholwe yi-Bitdefender, izifihla njengesibuyekezo se-Microsoft Visual Studio, ibeka ubungozi obukhulu kubasebenzisi kuzo zombili izakhiwo ze-Intel ne-Arm. Le ndatshana idingida ubunkimbinkimbi be-RustDoor, ihlola izenzo zayo, imithelela, kanye nokuxhumana kwayo okuthusayo namaqembu adume kabi e-ransomware.
Ukubheka ku-RustDoor macOS Backdoo aka Trojan.MAC.RustDoorr
Indlela yokusakaza ye-RustDoor isalokhu ingaqondakali, nokutholwe kokuqala kuphakamisa ukusabalala kwayo ngamabhinari e-FAT aqukethe amafayela e-Mach-O. Okwandisa ukukhathazeka ukutholwa kwezinhlobonhlobo eziningi zohlelo olungayilungele ikhompuyutha, okusikisela emizamweni yokuthuthukisa eqhubekayo. Ukusukela ngoNovemba 2, 2023, isampula yakudala eyaziwayo ikhombisa isimo sosongo esiqhubekayo nesiguqukayo.
Ifakwe imiyalo ehlukahlukene, i-RustDoor inika abalingisi abasabisayo amandla ukuze bavune idatha ebucayi, balayishe amafayela, futhi baqoqe ulwazi olumayelana namasistimu onakalisiwe. Ukuphindaphinda okuthile kohlelo olungayilungele ikhompuyutha kufaka ukulungiselelwa okungenziwa ngendlela oyifisayo, okucacisa idatha ezoqoqwa, izandiso zefayela eliqondiwe, izinhlu zemibhalo ezigadiwe, nezinhla zemibhalo ezingafakiwe. Idatha entshontshiwe ithunyelwa ngokulandelayo kuseva ye-Command-and-control (C2), ephakamisa ukusebenza kobugebengu bamakhompuyutha obuhlanganisiwe.
Izinguqulo Eziningi Ze-RustDoor Ziyatholakala
Lesi sakhiwo esingemuva sibonisa ukuphindaphinda okuhlukahlukene, sabelana ngokusebenza okuyisisekelo okufanayo nokungafani okuncane. Ibhalwe phakathi Rust, ikhodi yomthombo yembula amagama wangempela wamafayela lapho kuhlaziywa kanambambili. I-syntax eyingqayizivele ye-Rust ibeka izinselele kubacwaningi bezokuphepha, ihlinzeka ngenzuzo yamasu kubabhali bohlelo olungayilungele ikhompuyutha ukuze bagweme ukutholwa nokuhlaziywa okujulile.
I-Bitdefender iphakamisa ukuxhumana okungaba khona phakathi kwe-RustDoor nemindeni edume kabi ye-ransomware efana ne-Black Basta ne-BlackCat, icaphuna ukufana nengqalasizinda ye-C2. Eyakamuva, ebhalwe ku-Rust, yazuza udumo ngokuvula imodeli yebhizinisi evuzayo yomphakathi ngaphambi kokuhlakazwa kwayo nguhulumeni wase-US ngoDisemba 2023. Umcwaningi wezokuphepha u-Andrei Lapusneau ugcizelela isimo esiguqukayo sokusatshiswa kwe-ransomware, egcizelela isidingo sokuqapha okuphakeme kanye nezinyathelo eziqinile zokuphepha ku-inthanethi phakathi abasebenzisi be-macOS.
Imithelela kanye Nosongo Lwesikhathi Esizayo
Ukutholwa kwe-RustDoor kugcizelela amaqhinga aguqukayo asetshenziswa izigebengu zamakhompiyutha, ikakhulukazi lawo axhumene nemisebenzi ye-ransomware. Amandla okuntshontshwa kwedatha kanye nokufakwa engozini kwesistimu kudinga indlela esheshayo evela kubasebenzisi nezinhlangano ngokufanayo. Ukuqonda imithelela kanye nokwamukela izinqubo zokuphepha eziqinile kubalulekile ekudambiseni ubungozi obuhambisana nezinsongo eziyinkimbinkimbi kangaka.
Izindlela Ezinhle Kakhulu Zokuvimbela Ukutheleleka Okuzayo
- Izibuyekezo Zesofthiwe Ezivamile: Gcina isistimu yakho yokusebenza nesofthiwe kusesikhathini samanje ukuze ulungise ubungozi ngokushesha.
- Imfundo Yomsebenzisi: Fundisa abasebenzisi mayelana nezinsongo zobugebengu bokweba imininingwane ebucayi kanye nokubaluleka kokugwema ukulanda okusolisayo.
- Ukuqapha Inethiwekhi: Sebenzisa ukuqapha kwenethiwekhi okuqinile ukuze uthole futhi uvimbele imisebenzi enonya.
- Ukuhlaziywa kokuziphatha: Sebenzisa izixazululo zokuphepha ezisebenzisa ukuhlaziywa kokuziphatha ukuze kutholwe imisebenzi engajwayelekile.
- Ukuhlelwa Kwempendulo Yesigameko: Yakha futhi uzijwayeze uhlelo lokuphendula isigameko ukuze unciphise umthelela wokuphulwa kwemithetho okungaba khona.
Isiphetho
Okutholwe yi-RustDoor kusebenza njengesikhumbuzo esiqinile semvelo ehlala ishintsha yezinsongo ze-cybersecurity. Ukuqwashisa okuthuthukisiwe, ukuqapha okuqhubekayo, kanye nokwamukelwa kwezinyathelo zokuphepha ezisebenzayo kubalulekile ukuze uzulazule endaweni eyinkimbinkimbi ye-backdoors ethuthukisiwe kanye nokuxhumeka kwabo okungenzeka I-ransomware imisebenzi.