KeRanger: The First Mac Ransomware in the Wild Discovered

Palo Alto Networks Discovers Ransomware Targeting Macs

On March 4, 2016, Palo Alto Networks, a well-known security firm, posted its discovery of the KeRanger ransomware infecting Transmission, the popular Mac BitTorrent client. The actual malware was found within the installer for Transmission version 2.90.

The Transmission website quickly took down the infected installer and is urging anyone using Transmission 2.90 to update to version 2.92, which Transmission has verified to be free of KeRanger.

Transmission has not said how the infected installer came to be hosted on their website, nor has Palo Alto Networks been able to determine how the Transmission site was compromised.

KeRanger Ransomware

The KeRanger ransomware works as most ransomware does, by encrypting the files on your Mac and then demanding payment; in this case, in the form of a bitcoin (currently valued at around $400) in exchange for the encryption key needed to recover your files.

The KeRanger ransomware is bundled with the Transmission installer. The installer uses a valid Mac app developer certificate, allowing the installation of the ransomware to sail past OS X's Gatekeeper technology, which prevents the installation of malware on the Mac.

Once installed, KeRanger sets up communication with a remote server on the Tor network. It then goes to sleep for three days. Once it awakens, KeRanger receives an encryption key from the remote server and proceeds to encrypt files on the infected Mac.

The files that are encrypted include those in the /Users folder, which results in most of the user files on the infected Mac being encrypted and unusable. In addition, Palo Alto Networks reports that the /Volumes folder, which contains the mount point of all attached storage devices, both local and on your network, is also targeted.

At this time, there is mixed information about Time Machine backups being encrypted by KeRanger, but if the /Volumes folder is targeted, I see no reason why a Time Machine drive wouldn't be encrypted. My guess is that KeRanger is such a new piece of ransomware that the mixed reports about Time Machine simply reflect a bug in the ransomware code; sometimes it works, and sometimes it doesn't.

Apple Responds

Palo Alto Networks reported the KeRanger ransomware to both Apple and Transmission. Both reacted quickly; Apple revoked the Mac app developer certificate used by the app, thus allowing Gatekeeper to stop further installations of the current version of KeRanger. Apple also updated the XProtect signatures, allowing the OS X malware prevention system to recognize KeRanger and prevent installation, even if Gatekeeper is disabled or configured for a low security setting.

Transmission removed Transmission 2.90 from their website and quickly reissued a clean version of Transmission, with a version number of 2.92. We can also assume they are looking into how their website was compromised, and taking steps to prevent it from happening again.

How to Remove KeRanger

Remember, downloading and installing the infected version of the Transmission app is currently the only way to acquire KeRanger. If you don't use Transmission, you currently don't need to worry about KeRanger.

As long as KeRanger hasn't yet encrypted your Mac's files, you have time to remove the app and prevent the encryption from occurring. If your Mac's files are already encrypted, there isn't much you can do except hope your backups haven't been encrypted as well. This points out a very good reason for having a backup drive that isn't always connected to your Mac. As an example, I use Carbon Copy Cloner to make a weekly clone of my Mac's data. The drive housing the clone isn't mounted on my Mac until it's needed for the cloning process.

Had I run into a ransomware situation, I could have recovered by restoring from the weekly clone. The only penalty for using the weekly clone is having files that could be up to one week out of date, but that's much better than paying some nefarious cretin a ransom.

If you find yourself in the unfortunate situation of KeRanger having already sprung its trap, I know of no way out except to pay the ransom, or to reinstall OS X and start over with a clean install.

Remove Transmission

In the Finder, navigate to /Applications.

Locate the Transmission app, and then right-click its icon.

From the pop-up menu, select Show Package Contents.

In the Finder window that opens, navigate to /Contents/Resources/.

Look for a file named General.rtf.

If the General.rtf file is present, you have an infected version of Transmission installed. If the Transmission app is running, quit the app, drag it to the trash, and then empty the trash.

Remove KeRanger

Launch Activity Monitor, located at /Applications/Utilities.

In Activity Monitor, select the CPU tab.

In the Activity Monitor search field, enter the following:

kernel_service

and then press return.

If the service exists, it will be listed in the Activity Monitor window.

If it is present, double-click the process name in Activity Monitor.

In the window that opens, click the Open Files and Ports button.

Make a note of the kernel_service pathname; it will likely be something like this:

/Users/homefoldername/Library/kernel_service

Select the file, and click the Quit button.

Repeat the above for the kernel_time and kernel_complete process names.

Even though you have quit the processes in Activity Monitor, you also need to delete the files from your Mac. To do so, use the file pathnames you noted to navigate to the kernel_service, kernel_time, and kernel_complete files. (Note: You may not have all of these files present on your Mac.)

Since the files you need to delete are in your home folder's Library folder, you will need to make this hidden folder visible. You can find instructions on how to do this in OS X Is Hiding Your Library Folder.

Once you have access to the Library folder, delete the files mentioned above by dragging them to the trash, then right-clicking the trash icon and selecting Empty Trash.
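The two manual checks above (General.rtf inside the Transmission app bundle, and the kernel_service, kernel_time and kernel_complete items in the home Library folder) can also be run from Terminal. The script below is an added example, not part of the original article or of any Apple or Palo Alto Networks tool; the function names, the default paths and the extra check for dot-prefixed (hidden) file names are assumptions of this example. It only reads and reports, and deletes nothing.

```shell
#!/bin/sh
# Added example: read-only check for the KeRanger indicators named in this article.
# Function names and default paths are this example's own.

# check_transmission APP_PATH: returns 0 (and prints a finding) if General.rtf is present
check_transmission() {
    app="${1:-/Applications/Transmission.app}"
    if [ -f "$app/Contents/Resources/General.rtf" ]; then
        echo "INFECTED-APP $app/Contents/Resources/General.rtf"
        return 0
    fi
    return 1
}

# check_library HOME_DIR: prints each leftover file found, returns 0 if any exist
check_library() {
    lib="${1:-$HOME}/Library"
    rc=1
    for name in kernel_service kernel_time kernel_complete; do
        # The dot-prefixed (hidden) variant is an assumption of this example.
        for f in "$lib/$name" "$lib/.$name"; do
            if [ -e "$f" ]; then
                echo "LEFTOVER $f"
                rc=0
            fi
        done
    done
    return $rc
}

# check_process: returns 0 if a process named exactly kernel_service is running
check_process() {
    pgrep -x kernel_service >/dev/null 2>&1
}

# keranger_scan APP_PATH HOME_DIR: returns 0 when clean, 1 when any indicator is found
keranger_scan() {
    hits=0
    check_transmission "$1" && hits=1
    check_library "$2" && hits=1
    if check_process; then
        echo "RUNNING kernel_service"
        hits=1
    fi
    [ "$hits" -eq 0 ] && echo "CLEAN no KeRanger indicators found"
    return $hits
}
```

After sourcing the file, calling `keranger_scan` with no arguments checks /Applications/Transmission.app and the current user's Library folder.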