KeRanger: The First Mac Ransomware Discovered in the Wild

Palo Alto Networks Discovers Ransomware Targeting Macs

On March 4, 2016, Palo Alto Networks, a well-known security firm, posted its discovery of the KeRanger ransomware infecting Transmission, the popular Mac BitTorrent client. The malware was found in the installer for version 2.90.

The Transmission website quickly took down the infected installer and is urging anyone using Transmission 2.90 to update to version 2.92, which Transmission has verified to be free of KeRanger.

Transmission has not discussed how the infected installer came to be hosted on its website, nor has Palo Alto Networks been able to determine how the Transmission site was compromised.

KeRanger Ransomware

The KeRanger ransomware works the way most ransomware does, by encrypting the files on your Mac and then demanding payment; in this case, in the form of bitcoin (currently worth about $400) in exchange for the encryption key needed to recover your files.

The KeRanger ransomware is installed by the compromised Transmission installer. The installer uses a valid Mac app developer certificate, which lets the ransomware installation get past OS X's Gatekeeper technology, which otherwise prevents malware from being installed on the Mac.

Once installed, KeRanger sets up communication with a remote server on the Tor network. It then goes to sleep for three days. When it wakes up, KeRanger receives the encryption key from the remote server and proceeds to encrypt the files on the infected Mac.

The files being encrypted include those in the /Users folder, which means most user files on the infected Mac end up encrypted and unusable. In addition, Palo Alto Networks reports that the /Volumes folder, which contains the mount points for all attached storage devices, both local and on your network, is also a target.

At this time, there is mixed information about whether KeRanger encrypts Time Machine backups, but if the /Volumes folder is targeted, I see no reason why a Time Machine drive would not be encrypted. My guess is that KeRanger is such a new piece of ransomware that the mixed reports about Time Machine are simply a bug in the ransomware code; sometimes it works, and sometimes it doesn't.

Apple Reacts

Palo Alto Networks reported the KeRanger ransomware to both Apple and Transmission. Both responded quickly; Apple revoked the Mac app developer certificate used by the app, which lets Gatekeeper block further installs of the current version of KeRanger. Apple also updated the XProtect signatures, allowing the OS X malware prevention system to recognize KeRanger and block its installation even if Gatekeeper is disabled or configured for a low-security setting.

Transmission removed Transmission 2.90 from its website and quickly reissued a clean version of Transmission, with the version number 2.92. We can also assume that they are looking into how their website was compromised and taking steps to keep it from happening again.

How to Remove KeRanger

Remember, downloading and installing the infected version of the Transmission app is currently the only way to get KeRanger. If you don't use Transmission, you don't currently need to worry about KeRanger.

As long as KeRanger has not yet encrypted your Mac's files, you have time to remove the app and prevent the encryption from happening. If your Mac's files have already been encrypted, there is not much you can do beyond hoping your backups were not encrypted as well. This points to a very good reason for having a backup that is not always connected to your Mac. As an example, I use Carbon Copy Cloner to make a weekly clone of my Mac's data. The drive that holds the clone is not mounted on my Mac until it is needed for the cloning process.

If I had run into a ransomware problem, I could have recovered by restoring from the weekly clone. The only penalty for using the weekly clone is that files could be up to one week out of date, but that is much better than paying some nefarious cretin a ransom.

If you find yourself in the situation where KeRanger has already sprung its trap, I don't know of any way out other than paying the ransom, or reinstalling OS X and starting over with a clean install.

Remove Transmission

In the Finder, navigate to /Applications.

Find the Transmission app, and then right-click its icon.

From the pop-up menu, select Show Package Contents.

In the Finder window that opens, navigate to /Contents/Resources/.

Look for a file named General.rtf.

If the General.rtf file is present, you have an infected version of Transmission installed. If the Transmission app is running, quit the app, drag it to the trash, and then empty the trash.

Remove KeRanger

Launch Activity Monitor, located in /Applications/Utilities.

In Activity Monitor, select the CPU tab.

In the Activity Monitor search field, enter the following:

kernel_service

and then press return.

If the service exists, it will be listed in the Activity Monitor window.

If it is present, double-click the process name in Activity Monitor.

In the window that opens, click the Open Files and Ports button.

Make a note of the kernel_service pathname; it will be something like:

/Users/homefoldername/Library/kernel_service

Select the file, and then click the Quit button.

Repeat the steps above for the kernel_time and kernel_complete service names.

Although you have quit the services in Activity Monitor, you also need to delete the files from your Mac. To do so, use the file pathnames you noted to navigate to the kernel_service, kernel_time, and kernel_complete files. (Note: You may not have all of these files on your Mac.)

Since the files you need to delete are located in your home folder's Library folder, you will need to make this special folder visible. You can find instructions for doing this in the OS X Is Hiding Your Library Folder article.

Once you can access the Library folder, delete the files mentioned above by dragging them to the trash, then right-clicking the trash icon and selecting Empty Trash.
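
The two manual checks above can also be run from Terminal. The following is an added example, not part of the original article: the function names and output labels are made up here, the default paths assume Transmission sits in /Applications and the files sit in the home Library folder as described above, and the process check assumes the pgrep utility is available.

```shell
#!/bin/sh
# Added example: look for the KeRanger indicators named in the article.
# Usage: keranger_check [APP_BUNDLE] [HOME_DIR]
# Prints one line per indicator found; returns 1 if any were found, 0 if none.
keranger_check() {
    app="${1:-/Applications/Transmission.app}"
    home="${2:-$HOME}"
    found=0

    # "Remove Transmission" check: an infected bundle contains
    # Contents/Resources/General.rtf.
    if [ -e "$app/Contents/Resources/General.rtf" ]; then
        echo "INFECTED_APP $app/Contents/Resources/General.rtf"
        found=1
    fi

    # "Remove KeRanger" check: files left in the user's Library folder.
    # Not every file has to be present on an affected Mac.
    for name in kernel_service kernel_time kernel_complete; do
        if [ -e "$home/Library/$name" ]; then
            echo "DROPPED_FILE $home/Library/$name"
            found=1
        fi
    done
    return "$found"
}

# Same names the article searches for in Activity Monitor, matched exactly.
keranger_procs() {
    for name in kernel_service kernel_time kernel_complete; do
        pgrep -x "$name" >/dev/null 2>&1 && echo "RUNNING $name"
    done
    return 0
}

# Scan the real system only when explicitly asked: sh keranger.sh --scan
if [ "${1:-}" = "--scan" ]; then
    keranger_check
    keranger_procs
fi
```

The script only reports; quitting the processes and deleting the files still follows the steps above.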