SnakeStealer has been leading the cybersecurity headlines this year: ESET's internal metrics show that it accounts for 20% of detections worldwide, ahead of other active families. Its focus is clear: stealing credentials and sensitive data stealthily, at large scale, and with a flexible delivery chain.
In a landscape dominated by the business of crime and the industrialization of cybercrime, its expansion has gone hand in hand with the malware-as-a-service (MaaS) format. This model lets many actors launch campaigns without much experience, while SnakeStealer does the dirty work: password harvesting, persistence, and a variety of exfiltration methods.
Origins and rise of SnakeStealer
This family dates back to 2019, when it was promoted as 404 Keylogger and, in ESET products, was detected under the signature MSIL/Spy.Agent.AES. Its name recalls the classic Snake game. The first variants used Discord as the hosting location, and the malware was downloaded after the victim interacted with a phishing email attachment.
During 2020 and 2021, activity peaks were observed in different regions without a clear geographic pattern, with detections spread worldwide and no campaigns entirely attributable to Latin America. The decisive jump came after the fall of Agent Tesla: its operators pointed to SnakeStealer as a replacement on the Telegram channels where it was offered as MaaS, which is consistent with the other family no longer receiving updates. In parallel, other threats such as AsyncRAT, HoudRAT, LummaStealer and FormBook remained present, but without surpassing SnakeStealer's rise.

Capabilities, vectors and exfiltration
SnakeStealer does not stand out for exotic techniques but for being modular malware: its functions are enabled or disabled when the malicious file is built. Distribution has evolved over time: although first contact is usually a phishing attachment, it has also been seen in password-protected compressed archives, in formats such as RTF or ISO used as downloaders, and even, at times, disguised as pirated software or fake apps.
- Evasion and anti-analysis: it terminates the processes of security tools, debuggers and analysis tools, and checks the hardware to avoid running in virtual machines.
- Persistence: it modifies the Windows registry so that it stays active after a reboot.
- Data theft: extraction from browsers, databases, email and chat clients (including Discord), as well as Wi-Fi network passwords.
- Device monitoring: clipboard capture, keystroke logging (keylogging) and screenshots.
Once the information has been collected, the operator can choose among several channels to get it out of the system: uploading to a server via FTP, posting to a Telegram channel via HTTP, or sending it by email as a compressed file. This variety makes it hard to block any single channel and calls for layered defenses.
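Because the three exfiltration channels above are interchangeable, it helps to hunt for them together. The following Python code is an added example, not part of the original article or of ESET's tooling: it flags processes that use FTP, SMTP or the Telegram Bot API host (`api.telegram.org`) without being on an allowlist. The log format, process names, hostnames and allowlist are constructed assumptions.

```python
import csv
import io

# Constructed egress records (not real telemetry): process,dest_host,dest_port
SAMPLE_LOG = """\
chrome.exe,api.telegram.org,443
invoice_scan.exe,api.telegram.org,443
invoice_scan.exe,ftp.example.net,21
outlook.exe,smtp.example.com,587
updater.exe,smtp.example.com,587
svchost.exe,time.example.org,123
"""
# Assumed allowlist: processes expected on each channel in this environment.
EXPECTED = {
    "ftp": {"filezilla.exe"},
    "smtp": {"outlook.exe", "thunderbird.exe"},
    "telegram": {"telegram.exe", "chrome.exe", "msedge.exe", "firefox.exe"},
}

def classify(host, port):
    """Map a destination to one of the three exfiltration channels, or None."""
    host = host.lower().rstrip(".")
    if port == 21:
        return "ftp"
    if port in (25, 465, 587):
        return "smtp"
    if host == "api.telegram.org":
        return "telegram"
    return None

def find_suspicious(log_text):
    """Return (process, channel, host) for processes not expected on that channel."""
    hits = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 3 or not row[2].strip().isdigit():
            continue  # skip malformed lines instead of crashing
        proc, host, port = row[0].strip().lower(), row[1].strip(), int(row[2])
        channel = classify(host, port)
        if channel and proc not in EXPECTED[channel]:
            hits.append((proc, channel, host))
    return hits

def multi_channel(hits):
    """Processes flagged on two or more channels, the strongest signal."""
    seen = {}
    for proc, channel, _ in hits:
        seen.setdefault(proc, set()).add(channel)
    return {p: sorted(c) for p, c in seen.items() if len(c) > 1}
```

A single hit is a lead to triage; a process flagged on more than one channel deserves priority.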
Protection and response measures
Reducing the attack surface is key: a mix of habits, technology and verification can make the difference against a widespread infostealer such as SnakeStealer. It is advisable to implement basic controls and to prepare an incident response.
- Update the operating system and applications as soon as patches are available.
- Use security solutions on both computers and mobile devices.
- Be wary of attachments and links in unsolicited emails or messages; verify through official channels when the sender claims to be a well-known brand.
- Use multi-factor authentication (MFA) whenever possible to reduce the impact of password theft.
- If you suspect an infection, change all passwords from another device, revoke open sessions and monitor your accounts for unusual activity.
These actions do not guarantee invulnerability, but they raise the bar for attackers and make it harder for stolen data to be turned into a chain of unauthorized access.

With a decade behind it since its first signs, SnakeStealer combines flexible delivery, the MaaS model and proven capabilities to position itself as the most closely watched infostealer at present. Even so, the combination of patches, MFA, security solutions and caution toward scams remains the most effective barrier for hampering its business and reducing the value of stolen information.
