An gano walat ɗin da ke nuna azaman aikace-aikacen hukuma a cikin Shagon Snap

Darkcrizt

3 minti

Shagon Tafiya

Apps na yaudara akan Snap Store

An fitar da labarin kwanan nan a cikin kundin aikace-aikacen Shagon Tafiya (an yi amfani da shi a cikin Ubuntu kuma Canonical ya kiyaye shi), An gano aikace-aikacen 10 waɗanda aka tsara azaman abokan ciniki na hukuma don walat ɗin cryptocurrency shahara, amma a zahiri ba su da alaƙa da masu haɓaka waɗannan ayyukan kuma sun aiwatar da munanan ayyuka.

An ambaci, abin damuwa shi ne wadannan An yiwa ƙa'idodi "Lafiya" a cikin kasidar, haifar da ra'ayi cewa an tabbatar da su kuma suna da aminci don amfani.

Waɗannan ƙa'idodin mai amfani digisafe00000 ne ya buga kuma an gabatar da sunaye masu kama da ainihin aikace-aikacen cryptocurrency. Ko da yake Da farko an cire su daga kas ɗin Store ɗin Snap, da sauri suka sake bayyana ƙarƙashin sabon mai amfani da ake kira codeguard0x0000, tare da ƴan canje-canjen sunayen fakiti kamar "exodus-build-71776" da "metamask-stable28798".

Wannan matsalar ba sabuwa bace tun An yi irin wannan aiki a watan Fabrairu. mece ya yi sanadiyar sace kusan bitcoins 9 (kusan $500k) daga mai amfani da ya shigar da abokin ciniki na Fitowa na karya. Saboda mawallafin waɗannan aikace-aikacen ɓarna sun sami nasarar gujewa tsarin tabbatar da fakitin atomatik na Snap Store, wasu masana sun ba da shawarar dakatar da buga aikace-aikacen da ba a tabbatar da su ba akan wannan dandali, bin misalin takunkumin za a aiwatar da shi a cikin 2022 don aikace-aikacen wannan. nau'in. Yana da kyau a faɗi cewa waɗannan aikace-aikacen da aka dakatar an danganta su da ayyukan akan dandalin haɓaka haɗin gwiwa SourceHut.

Game da lamarin, skuma sun buɗe wasu zaren akan dandalin Snapcraft:

Mun ga yawan loda manhajojin da ke yaudarar masu amfani wajen bayyana mahimman bayanai. Waɗannan ba sa kai hari kan injiniyan tsarin, amma suna kai hari ga mai amfani ta hanyar injiniyan zamantakewa, don haka dokokin kullewa ba za su iya magance matsalar ba.

Ƙungiyar tana aiki akan matakai daban-daban don ragewa da rage haɗarin aikace-aikace kamar wannan. Koyaya, abin da ke damun ni shine ana iya sabunta manhajojin, don haka ko da an yi bitar app sosai a lokacin da aka fara fitar da shi, wannan app ɗin na iya zama yaudara a kwanan baya.

Abu ɗaya da za mu iya yi shi ne buƙatar ƙarin cikakkiyar shaidar shaidar mawallafi ga kowane mawallafi. Za mu iya buƙatar katin kiredit kuma za mu iya haɗa nau'in fasahar "san abokin cinikin ku" wanda bankunan app ke amfani da su don tabbatar da wani nau'in ganewa, kamar fasfo. Waɗannan yawanci suna buƙatar wani abu kamar hoton fasfo tare da bidiyon mutumin da ke magana. Ina tsammanin yawancin bankuna suna amfani da sabis na SAAS don wannan damar KYC kuma za mu iya amfani da sabis iri ɗaya don tabbatar da asalin mawallafin Snapcraft.

Aikace-aikace sune dummies waɗanda ke nuna shafukan yanar gizo daga rukunin yanar gizo na waje ta yin amfani da abin rufe fuska na WebKit GTK wanda ke kwatanta aikin aikace-aikacen tebur na yau da kullun (wanda ya faru a watan Fabrairu ya ƙunshi aikace-aikacen ƙage da aka rubuta a cikin Flutter). Daga cikin ayyukan, kawai aiki na shigo da maɓalli da sake dawo da walat ɗin yana aiki, da ƙoƙarin ƙirƙirar sabon ƙarshen walat tare da kuskure.

Fitowa

jakadan fita na karya

Kamar yadda irin wannan, an ambaci hakan javascript abu ne mai sauƙi, tunda yana da ƙamus na kalmomin da aka yarda a cikin maɓallin dawo da tunda mai amfani yana rubuta kalmomi, aikace-aikacen yana bincika jerin kuma idan duk kalmomin da aka shigar suna cikin ƙamus, zai ba da damar amfani da maɓallin "Ci gaba" don aika buƙatar "POST" zuwa wurin ƙarshe / tattarawa. akan uwar garken. Har ila yau, lokaci-lokaci yana "pings" uwar garken tare da sauƙi mai sauƙi don duba haɗin yanar gizo, telemetry, ko ganin wanne daga cikin aikace-aikacen walat ɗin yaudara ake amfani da su.

Idan mai amfani ya yi aikin shigo da kaya daga wallet ɗin da ke akwai, za a aika kalmar wucewar dawo da ita zuwa uwar garken maharan kuma ana nuna wa mai amfani saƙo game da gazawar dawo da walat. Da zarar an sami damar shiga maɓallan, maharan suna cire duk kuɗi daga jakar wanda abin ya shafa.

Idan kun kasance sha'awar ƙarin sani game da shi, zaka iya duba bayanan A cikin mahaɗin mai zuwa.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.