Kwanan nan, an yi amfani da gidajen yanar gizon da ke kwaikwayon aikace-aikacen saƙon gaggawa kamar Telegram da WhatsApp don rarraba malware da ke cutar da tsarin Android da Windows. An san wannan malware da cryptocurrency clipper malware, wanda ke da nufin satar kudaden cryptocurrency waɗanda abin ya shafa, tare da wasu keɓaɓɓun walat ɗin cryptocurrency.
Masu bincike Lukáš Štefanko da Peter Strýček daga kamfanin Slovakia na yanar gizo na ESET sun bayyana a cikin sabon rahoton bincike na su,
Duk waɗannan aikace-aikacen ɓarna sun yi niyya ga kudaden cryptocurrency waɗanda abin ya shafa, tare da wasu wallet ɗin cryptocurrency niyya.
Kodayake misalin farko na malware clipper malware akan Google Play Store ana iya gano shi zuwa 2019, wannan ci gaban shine karo na farko da aka gina malware na tushen Android a cikin aikace-aikacen saƙon take.
Bugu da ƙari, wasu daga cikin waɗannan aikace-aikacen kuma suna amfani da fasahar tantance halayen gani (OCR) don gano rubutu daga hotunan kariyar kwamfuta da aka adana akan na'urorin da suka kamu da cutar, wanda kuma shine na farko a cikin Android malware.
Sarkar harin ta fara ne da danna tallace-tallace na yaudara a sakamakon bincike na Google ba da gangan ba, wanda ya haifar da daruruwan tashoshin YouTube da ake zargi, a ƙarshe suna tura masu amfani da su zuwa gidajen yanar gizo irin su Telegram da WhatsApp.
Abin da ya sa wannan sabon batch na cryptocurrency clipper malware labari shi ne ikonsa na sa baki rajista rajistan ayyukan da kuma maye gurbin duk wani aika ko samu cryptocurrency adiresoshin walat tare da waɗanda masu yin barazana ke sarrafawa.
Wani gungu na cryptocurrency clipper malware yana amfani da ML Kit, ingantaccen kayan aikin koyo na inji akan Android, don nemo da satar jimlolin iri, mai yuwuwar haifar da zubar da wallet.
Tari na uku na malware yana da nufin sa ido kan tattaunawar Telegram masu alaƙa da wasu kalmomin Sinanci masu alaƙa da cryptocurrency. Idan an sami kowane saƙon da suka dace, yana fitar da dukkan saƙon, sunan mai amfani, sunan rukuni ko tashoshi, da sauran bayanai zuwa sabobin nesa.
A ƙarshe, saitin clipper na Android yana da ƙarin ayyuka, gami da sauya adiresoshin walat, tattara bayanan na'ura, da bayanan Telegram kamar saƙonni da lambobin sadarwa.
Waɗannan su ne sunayen waɗannan fakitin software na ɓarna na apk:
org.telegram.manzo
org.telegram.messenger.web2
org.tgplus.manzo
io.busniess.va.whatsapp
com.whatsapp
ESET ta kuma gano gungu na tushen Windows guda biyu, wanda aka tsara don musanya adireshi na walat, ɗayan kuma yana rarraba hanyar shiga nesa.
