Inkampani yokuphepha kwe-cyber I-Awake Security isanda kwethulwa ngubani owayexwayise iGoogle ku ubukhona bezandiso eziyi-111 ezinonya ze-Chrome, ezilandwe izikhathi ezingama-32,9 million nalapho iGoogle isanda kukubika lokho I-106 yalezi zandiso ayisatholakali ku-Chrome Web Store nokuthi lezo ebezisetshenziswa zikhutshaziwe.
Lokhu kutholakala kuza ezinyangeni ezimbalwa ngemuva kokuthi iDuo Security ibike ukuthi izandiso ezingama-500 zilande idatha yokuphequlula ngasese ezigidini zabasebenzisi kusukela ngoJanuwari 2019.
Ngokusho kwe-Phaphama Kwezokuphepha, lezi zandiso kungenzeka zakhiwe ngumthuthukisi oyedwa. Okufana ngabo bonke ukuthi yonke imisebenzi yabo zixhunywe neGalComm, umbhalisi wesizinda se-Intanethi.
Nokho, I-Awake Security ithi iGalComm ayikho ngemuva yalo mkhankaso omkhulu, kodwa bekufanele ngabe uyazi ukuthi kwenzakalani.
“Ezingxenyeni ezingama-26.079 ezitholakalayo ezibhaliswe yiGalComm, izizinda eziyi-15.160, noma cishe ama-60%, zinobungozi noma ziyasolisa. Sithole futhi sethula ubufakazi bokuthi lezi zizinda zisetshenziselwa ukusingatha amathuluzi endabuko we-malware nezokuqapha iziphequluli, ”kusho inkampani yonogada.
Ngokwakhe, umnikazi wombhalisi wakwa-Israyeli, uMose Fogel, uthe:
"IGalComm ayibandakanyeki futhi ayiyona into esetshenziswayo kunoma yimuphi umsebenzi onobungozi." Kodwa-ke, ithe iningi lala magama wesizinda abengasebenzi futhi lizoqhubeka nokuphenya amanye.
Futhi, iningi lalezi zandiso zabelana ngemidwebo efanayo nesisekelo sekhodi esifanayo. Banikela, ngokwesibonelo, izinsizakalo ezifana nokuvimbela amawebhusayithi ayingozi noma ukuguqulwa kwamafayela.
Ngakolunye uhlangothi, Izandiso Zokuvimbela I-Malware Azisebenzi, Abacwaningi Bezokuvikela Bayazi. Ngemuva kokuhlola eyodwa yazo, i-ByteFence, bathole ukuthi ihlukanisa amasayithi amaningi anobungozi ngokuthi "aphephile."
I-ByteFence inguqulo evuselelwe yesinye isandiso esibizwa ngokuthi yi-Reason Core Security.
"Sithole ukuthi yayihambisana ne-malware endle ngesikhathi kwenziwa lolu phenyo," kusho abacwaningi.
Okubi kakhulu, "kuyenzeka kaningi ukuthi kufakwe inguqulo yangokwezifiso yephakheji ye-Chromium ezimele enezandiso ezinonya esezivele zifakiwe"
Le ndlela ivumela umhlaseli ukuthi adlule ngokuphelele esitolo se-Chrome futhi uvikele noma iziphi izilawuli zokuphepha. Njengoba abasebenzisi abaningi bengawuboni umehluko phakathi kwe-Chrome ne-Chromium, lapho becelwa ukuthi benze isiphequluli esisha isiphequluli sabo esizenzakalelayo, bavame ukwenza njalo, baphendulele isiphequluli sabo esikhulu sibe isiphequluli esizoqhubeka ngokujabula ukulayisha izandiso ezinonya ezivela kweminye imithombo ehlobene neGalComm.
Ngaphezu kwalokho, amaqembu ezokuphepha ezinkampani angenza kahle ukuvuma ukuthi izandiso zesiphequluli ezinonya zibeka engcupheni enkulu, ikakhulukazi ngoba izimpilo zethu zedijithali manje zenziwa kakhulu esipheqululini.
Futhi, lokhu kusongelwa kudlula izindlela eziningi zokuphepha zendabuko, kufaka phakathi izixazululo zokuphepha zamaphoyinti okufinyelela, izinjini ezaziwa ngegama lesizinda, amaseva we-web proxy, nama-sandbox asuselwa kumafu.
Ngakho-ke, amaqembu ezokuphepha kumele aqhubeke afune amaqhinga, amasu nezinqubo ukunxephezela izikhala zobuchwepheshe ”, kweluleka inkampani.
Kuze kube manje, iGoogle isuse izandiso eziyi-106 kwezingu-111 ezinonya.
"Uma sixwayiswa ngezandiso ze-Web Store ezephula izinqubomgomo zethu, sithatha izinyathelo futhi sisebenzise lezi zigameko njengezinto zokuqeqesha ukwenza ngcono ukuhlaziywa kwethu okuzenzakalelayo nokwenziwa ngezandla," kusho uScott Westover, okhulumela i-Google.
"Senza iskena esijwayelekile ukuthola izandiso sisebenzisa amasu afanayo, ikhodi nokuziphatha," uyanezela.
Kepha abasebenzisi abaningi bakuthola kunzima ukubona izandiso ezinonya ngoba bathambekele ekubeni nenani elikhulu kakhulu labasebenzisi, ngenkathi benziwa yimikhiqizo engaziwa.
Nabo bagxekwa kancane. Ngokuphambene nalokho, bathola amamaki amahle futhi babala imibono eminingi engamanga evela kubasebenzisi be-Intanethi. Futhi, inani lokulandwayo kungenzeka ukuthi lifakwe umoya ukuheha abasebenzisi ukuthi bakufake, ngokusho kwe-Awake Security.
Ekugcineni, uma ufuna ukwazi kabanzi ngayo Mayelana nezandiso ezitholakele, ungabheka imininingwane ngokuya kusixhumanisi esilandelayo.
Umthombo: https://awakesecurity.com