Munguva ichangopfuura, nhau dzakatanga kuti Webhusaiti yepamutemo yeXubuntu yakakanganiswa nekuda kwekutyorwa kwakanyanya kwekuchengetedza, uko kwakanganisa kugovera mushure Varwisi vasingazivikanwe vakakwanisa kukanganisa peji rekudhawunirodha uye kutsiva zvinongedzo zviri pamutemo nefaira rakashata rinonzi "Xubuntu-Safe-Download.zip." Iri faira, iro rairatidza kunge riri pamutemo installer, raitova neWindows Trojan yakagadzirirwa kuba cryptocurrency.
Yambiro yekutanga yakabva kuna a Reddit mushandisi, uyo akaona maitiro ekufungira paaiyedza kurodha Xubuntu kubva panzvimbo yepamutemo. Panzvimbo peiyo torrent kana ISO mufananidzo, iyo faira "Xubuntu-Safe-Download.zip" yakatorwa, yaivemo. a Windows inoshandiswa.
El kuongororwa muVirusTotal akasimbisa izvozvo Iyo faira yaive Trojan yaitevedzera munhu anoisa zvechokwadi uye kunyange yaisanganisira gwaro remanyepo rematemu ebasa kusimbisa kutendeseka kwayo. Zvayo Basa rayo rechokwadi raive rekuita seCrypto Clipper, kubvuta kero dzechikwama checryptocurrency dzakakopwa kuclipboard uye kuitsiva nemakero evanorwisa.
Ndokumbira utarise kuti Xubuntu.org yakabiwa, uye bhatani rayo rekudhawunirodha rinoedza kudhawunirodha "Xubuntu-Safe-Download.zip," inoita kunge inosanganisira TOS neEXE yemanyepo, uye Virustotal inosimbisa kuti ine malware (Trojan). Zvinoita sekuti mumwe munhu ari kuyedza kukwezva maWindows newbies angave achifarira Linux (kutonyanya izvozvi, neWin10's kupera-kwehupenyu kuswedera).
Ndinovimba timu yepurojekiti yeXubuntu uye Ubuntu/Canonical inogona kuita nekukurumidza, asi zvinoenderana nevaya vakatanga kuzviona, zvinoita kunge yanga ichishanda kwemaawa matanhatu. Nyaya yekuti kusagadzikana uku kwave kushanda kwemaawa matanhatu haifanire kuve dambudziko.
Maererano nemishumo, Iyo yakaipa redirect yakaramba ichishanda kweanenge maawa matanhatu timu yeXubuntu isati yabvisa chinongedzo chakakanganiswa. Parizvino, peji rekudhawunirodha rakavharwa uye rinotungamira kune peji resaiti, zvichisimbisa kuti timu iri kuyedza kudzikisira kukuvadzwa.
Iyo malware yakabata vashandisi veWindows chete
Kunyangwe chiitiko ichi chaunza kunetsekana kukuru munharaunda yeLinux, zvese zvinonongedza kune icho Kurwiswa kwacho kwakanangana nevashandisi veWindowsIyo yakaipa inogadziriswa yakaiswa muAppData/Roaming folda (nzira yakasarudzika kune iyo inoshanda sisitimu). Iro faira, rakanziwo “TestCompany.SafeDownloader.exe,” rakanzi rine hutsinye nevatengesi makumi maviri nevatanhatu vemakumi manomwe nevaviri paVirusTotal.
Maererano nekuongorora, Iyi malware haisi mugodhi, asi clipper iyo inogadzirisa zviri mukati me clipboard, inotungamira cryptocurrency transaction kumakero anodzorwa nevanorwisa. Magadzirirwo ayo anoratidza izvozvo yakatsvaga kunyengera vashandisi vasina ruzivo vakanga vachitama kubva kuWindows kuenda kuLinux uye vangasaona mutsauko uripakati penzira dzepamutemo dzekurodha.
Kusagadzikana kweWordPress uye zvinogona kuitika kusati kwapinda
Zvese zvinoratidza izvozvo Kurwiswa kwacho kwakabva mukusagadzikana mukati WordPress kubva kune xubuntu.org saiti, pamwe kuburikidza neplugin yechinyakare. Archive.org matanda anoratidza kuti peji rakagadziridzwa pakati paGumiguru 11 ne18, nguva iyo yakawedzera link yakaipa.
Ndatenda munhu wese. Isu tinovimba nenzvimbo yedu yekutambira kuti tigadzirise, uye zvinoita sekunge pakanga paine diki glitch. Tiri kuzvigadzirisa, asi peji reKudhaunirodha rakavharwa parizvino.
Tiri kuenda kunzvimbo yakamira, iyo inofanirwa kubvisa idzi mhando dzenyaya, asi timu yedu idiki uye yakabatikana zvakanyanya…
Uyewo, MunaSeptember, maitiro asina kunaka akange atotaurwa.kana kuti pasaiti, apo mushandisi akaona bhurogi positi achishambadza kasino. Kunyangwe yakakurumidza kubviswa, haina kunyatsoferefetwa, iyo yave kuita senge yaive chiratidzo chekutanga chekukanganisa.
Zvakakodzera kutaura kuti chiitiko cheXubuntu haisi nyaya yega. Mumwedzi ichangopfuura, nharaunda yakavhurika sosi yakatarisana nekurwiswa kwakawanda: Arch Linux's AUR repository yakatambura kuiswa kweRAT Trojan, Fedora uye Arch zvivakwa zvakanangwa nekurwiswa kweDDoS, uye chiitiko cheRed Hat GitLab chakakanganiswawo.