KeRanger: The First Mac Ransomware in the Wild Discovered

Palo Alto Networks Discovers Ransomware Targeting Macs

On March 4, 2016, Palo Alto Networks, a well-known security firm, announced its discovery of the KeRanger ransomware infecting Transmission, the popular Mac BitTorrent client. The malware itself was found in the installer for Transmission version 2.90.

The Transmission website quickly took down the infected installer and is urging anyone using Transmission 2.90 to update to version 2.92, which Transmission has verified to be free of KeRanger.

Transmission has not discussed how the infected installer came to be hosted on its website, and Palo Alto Networks has not been able to determine how the Transmission site was compromised.

KeRanger Ransomware

The KeRanger ransomware works the way most ransomware does: it encrypts the files on your Mac and then demands payment; in this case, one bitcoin (currently valued at about $400) to supply you with the encryption key needed to recover your files.

The KeRanger ransomware is installed by the compromised Transmission installer. The installer makes use of a valid Mac app developer certificate, which lets the ransomware installation get past OS X's Gatekeeper technology, which prevents the installation of malware on the Mac.

Once installed, KeRanger sets up communication with a remote server on the Tor network. It then goes to sleep for three days. Once it wakes up, KeRanger receives an encryption key from the remote server and proceeds to encrypt files on the infected Mac.

The files that are encrypted include those in the /Users folder, which results in most user files on the infected Mac being encrypted and unusable. In addition, Palo Alto Networks reports that the /Volumes folder, which contains the mount points for all attached storage devices, both local and on your network, is also a target.

At this time, there is mixed information about Time Machine drives being encrypted by KeRanger, but if the /Volumes folder is targeted, I see no reason why a Time Machine drive would not be encrypted. My guess is that KeRanger is such a new piece of ransomware that the mixed reports about Time Machine are a bug in the ransomware code; sometimes it works, and sometimes it doesn't.

Apple Reacts

Palo Alto Networks reported the KeRanger ransomware to both Apple and Transmission. Both responded quickly; Apple revoked the Mac app developer certificate the app used, which lets Gatekeeper stop further installations of the current version of KeRanger. Apple also updated the XProtect signatures, allowing OS X's malware prevention system to recognize KeRanger and block its installation, even if Gatekeeper is disabled or configured for a low security setting.

Transmission removed version 2.90 from its website and quickly reissued a clean version of Transmission, with version number 2.92. We can also assume that they are looking into how their website was compromised and taking steps to prevent it from happening again.

How to Remove KeRanger

Remember, downloading and installing the infected version of the Transmission app is currently the only way to acquire KeRanger. If you don't use Transmission, you don't currently need to worry about KeRanger.

As long as KeRanger has not yet encrypted your Mac's files, you have time to remove the app and prevent the encryption from occurring. If your Mac's files are already encrypted, there is not much you can do except hope your backups have not been encrypted as well. This points out a very good reason for having a backup drive that is not always connected to your Mac. As an example, I use Carbon Copy Cloner to make a weekly clone of my Mac's data. The drive that holds the clone is not mounted on my Mac until it is needed for the cloning process.

If I ran into a ransomware situation, I could recover by restoring from the weekly clone. The penalty for using the weekly clone is having files that could be up to one week out of date, but that is a lot better than paying a ransom to some nefarious cretin.

If you find yourself in the unfortunate situation of KeRanger having already sprung its trap, then I know of no way out other than paying the ransom or reinstalling OS X and starting over with a clean installation.

Remove Transmission

In the Finder, navigate to /Applications.

Locate the Transmission app, and then right-click its icon.

From the pop-up menu, select Show Package Contents.

In the Finder window that opens, navigate to /Contents/Resources/.

Look for a file labeled General.rtf.

If the General.rtf file is present, you have an infected version of Transmission installed. If the Transmission app is running, quit the app, drag it to the trash, and then empty the trash.

Remove KeRanger

Launch Activity Monitor, located at /Applications/Utilities.

In Activity Monitor, select the CPU tab.

In the Activity Monitor search field, enter the following:

kernel_service

and then press return.

If the service exists, it will be listed in the Activity Monitor window.

If it is present, double-click the process name in Activity Monitor.

In the window that opens, click the Open Files and Ports button.

Make a note of the kernel_service pathname; it will likely be something like:

/Users/homefoldername/Library/kernel_service

Select the file, and then click the Quit button.

Repeat the above for the kernel_time and kernel_complete service names.

Even though you quit the services in Activity Monitor, you still need to delete the files from your Mac. To do so, use the pathnames you noted to navigate to the kernel_service, kernel_time, and kernel_complete files. (Note: You may not find all of these files on your Mac.)

Since the files you need to delete are located in your home folder's Library folder, you will need to make this special folder visible. You can find instructions on how to do this in the article OS X Is Hiding Your Library Folder.

Once you have access to the Library folder, delete the files mentioned above by dragging them to the trash, then right-clicking the trash icon and selecting Empty Trash.
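The two manual checks above (General.rtf inside the Transmission bundle, and the kernel_service, kernel_time and kernel_complete files and processes) can also be run from Terminal. The script below is an added example, not part of the original article; the function names are hypothetical, and it assumes Transmission is installed in /Applications and that the files sit directly in the home folder's Library, as the example pathname above suggests.

```shell
#!/bin/sh
# Added example: read-only check for the KeRanger indicators named in this article.
# It only reports; it deletes nothing and quits no process.

# Report indicator files. $1 = Transmission bundle, $2 = home folder.
# Both are parameters so a mounted backup or another user's home can be checked.
# Returns 0 when nothing is found, 1 when at least one indicator exists.
keranger_file_check() {
    app="${1:-/Applications/Transmission.app}"   # assumed default install location
    home="${2:-$HOME}"
    found=0
    if [ -e "$app/Contents/Resources/General.rtf" ]; then
        echo "infected Transmission bundle: $app/Contents/Resources/General.rtf"
        found=1
    fi
    for name in kernel_service kernel_time kernel_complete; do
        if [ -e "$home/Library/$name" ]; then
            echo "KeRanger file: $home/Library/$name"
            found=1
        fi
    done
    return "$found"
}

# Report running processes with the three service names (exact name match).
# Returns 0 when none is running, 1 otherwise.
keranger_process_check() {
    running=0
    for name in kernel_service kernel_time kernel_complete; do
        pids=$(pgrep -x "$name" 2>/dev/null) || continue
        for pid in $pids; do
            echo "running: pid $pid $(ps -o comm= -p "$pid")"
            running=1
        done
    done
    return "$running"
}

# Run both checks; non-zero status means something was found.
keranger_scan() {
    status=0
    keranger_file_check "$@" || status=1
    keranger_process_check || status=1
    return "$status"
}

keranger_scan "$@" || echo "KeRanger indicators found; follow the removal steps above."
```

Run it as `sh keranger_check.sh` for the defaults, or pass a bundle path and a home folder to check a different location.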