7zip.com Resom Malware

7zip.com de nsiyɛ resom malware ama dwumadiefoɔ a wɔnsusu ho a wɔdi mfomsoɔ kyerɛw 7-Zip download URL a ɛfata no. Sɛ wo anaa obiara a ɔwɔ w’ahyehyɛdeɛ mu akɔ 7zip.com nnansa yi ara akɔhwehwɛ fael compression utility a agye din no a, ebia wo systems no bɛsɛe na ɛho hia sɛ wɔyɛ ho biribi ntɛm ara.

Dɛn Pɛpɛɛpɛ na Ɛrekɔ so wɔ 7zip.com?

7-Zip softwea a ɛfata — fael akoraeɛ nnwinnadeɛ a wɔde di dwuma kɛseɛ wɔ wiase no mu baako — nam 7-zip.org so na ɛkyekyɛ wɔ aban kwan so, ɛnyɛ 7zip.com. Cybersecurity nhwehwɛmufoɔ asi so dua sɛ 7zip.com yɛ typosquatting domain, site bɔne a wɔayɛ sɛ ɛbɛkyere wɔn a wɔde hyphen no gu bere a wɔrekyerɛw URL ankasa no.

Sɛ nsrahwɛfo si fam wɔ 7zip.com a, wɔde 7-Zip wɛbsaet a ɛfata no nsɛso a ɛyɛ nokware kyerɛ wɔn. Kratafa no suasua mfitiase no nhyehyɛe, ahyɛnsode, ne download buttons no pɛpɛɛpɛ a ɛyɛ hu. Nanso, fael a wɔrekyekyɛ afiri saa domain yi mu no nyɛ 7-Zip instɔler ankasa — ɛyɛ trojanized executables a wɔde malware payloads a info-stealers, remote access trojans (RATs), ne credential harvesting software ka ho.

Ntuo no yɛ asiane titiriw efisɛ ɛde ahotoso a nea ɔde di dwuma wɔ softwea ahyɛnsode a agye din na agye din mu no di dwuma. Wɔn a wɔde di dwuma dodow no ara rennya biribiara a wobegyina so ahwehwɛ URL no mu yiye bere a wɔretwe softwea a wɔde adi dwuma dwoodwoo mfe pii no.

Ɔkwan Bɛn so na Malware Ntua Yi Yɛ Adwuma?

Mfiridwuma kwan a ɛwɔ 7zip.com ntua no akyi no di typosquatting agodie nhoma a wɔakyerɛw ho asɛm yiye akyi, nanso ɛwɔ layers pii a ɛyɛ nwonwa a ɛma ɛyɛ adwuma titiriw:

1. Domain registration: Attackers kyerɛw 7zip.com — nkyerɛwde a ɛnteɛ a wɔtaa kyerɛw wɔ 7-zip.org a ɛfata no mu — na wɔyɛ pixel-perfect clone a ɛfa mfitiase sait no ho.
2. SEO awuduru: Wɔayɛ domain bɔne no yie sɛ ɛbɛdi kan wɔ nhwehwɛmu aba mu ama nsɛmmisa te sɛ "download 7zip" anaa "7zip free download," a ɛma organic traffic a ɛfiri search engines mu kɔ soro.
3. Trojanized installer delivery: Sɛ wobɔ download button biara a ɛwɔ site no so a, ɛde executable a 7-Zip installer ankasa (sɛnea ɛbɛyɛ a wobɛkwati adwenem naayɛ) ne malware afã horow a ahintaw nyinaa wom.
4. Silent payload execution: Sɛ wɔde di dwuma wie a, malware no de persistence si system no so, ɛtaa yɛ akyi dwumadie a ɛyi password a wɔakora so, browser cookies, cryptocurrency wallet data, ne company credentials.
5. Ahyɛdeɛ-ne-ahyɛdeɛ nkitahodiɛ: Malware fon ahodoɔ no fie wɔ servers a attacker-controlled servers so, na ɛma wotumi kɔ akyirikyiri kɔ mfiri a ɛwɔ ɔyareɛ no so bere tenten wɔ mfitiaseɛ a wɔagyae mu no akyi.

Saa kwan a ɛwɔ akwan pii yi kyerɛ sɛ ebia wɔn a wɔde di dwuma a wohu biribi a ɛyɛ soronko wɔ instɔlehyɛn akyi mpo no nnim sɛ wɔde akyi pon bi asi hɔ dedaw wɔ wɔn nhyehyɛe no so.

Hena na Ɔwɔ Asiane Kɛse Fi 7zip.com Malware Ɔsatu no Mu?

Bere a ankorankoro biara a ɔde di dwuma no wɔ asiane mu no, ahunahuna no mu yɛ den titiriw ma nnwuma ne ahyehyɛde ahorow. System sohwɛfoɔ, developers, ne IT adwumayɛfoɔ taa twe utilities te sɛ 7-Zip kɔ adwumayɛ mfiri, servers, ne shared environments so. Awieeɛ baako a ɔyareɛ no wɔ mu wɔ adwumakuo ntam nkitahodiɛ mu no bɛtumi ayɛ mpoano ti ama afã a ɛkɔ, ransomware deployment, anaa data exfiltration a ɛka ahyehyɛdeɛ no nyinaa.

a wɔde ahyɛ mu

"Typosquatting ntua wɔ software domains a wogye di so gyina hɔ ma ahunahuna vectors a wobu no adewa sen biara wɔ adwumayɛbea ahobanbɔ mu no mu biako. URL biako a wɔankyerɛw no yiye betumi asɛe ahyehyɛde mũ no nyinaa ntwamutam wɔ nnɔnhwerew mu."

Nnwuma nketewa ne nnwuma a wɔrefi aseɛ no yɛ mmerɛw titire ɛfiri sɛ wɔtaa nni ahobanbɔ akuo a wɔatu wɔn ho ama a wɔbɛhwɛ so ahwɛ nneɛma a ɛkyerɛ sɛ wɔagyae wɔn ho mu. Freelancers, akyirikyiri adwumayɛfoɔ, ne obiara a ɔhwɛ nnwinnadeɛ pii so wɔ mfiri ahodoɔ so — pɛpɛɛpɛ a wɔde wɔn adwene si adwumayɛ so a wɔde wɔn ho to utilities te sɛ 7-Zip so da biara da — hyia exposure a ɛkɔ soro.

Wobɛyɛ Dɛn Abɔ W’adwuma Ho Ban Afiri Typosquatting Malware Ho?

Ahobanbɔ a wɔde bɛbɔ ntua te sɛ 7zip.com ɔsatu no hwehwɛ sɛ wɔde mfiridwuma mu tumidi ne nnipa nimdeɛ a wɔaka abom. Nneɛma a edidi so yi tew w’ahyehyɛde no animtiaabu so kɛse:

• Bere nyinaa hwɛ URL ahorow no mu nokware ansa na woatwe softwea. Bookmark official sources. 7-Zip ankasa no wɔ 7-zip.org nkutoo.
• Fa DNS filtering solutions a esiw domains bɔne a wonim no kwan wɔ network level ansa na wɔn a wɔde di dwuma no mpo atumi de krataafa no ahyɛ mu.
• Ma endpoint detection and response (EDR) nnwinnade a ebetumi ahyɛ nhyehyɛe suban a ɛyɛ soronko a trojanized installers kanyan no frankaa.
• Yɛ ahobammɔ ho nimdeɛ ntetee daa sɛnea ɛbɛyɛ a kuw no muni biara bɛte asiane a ɛwɔ typosquatting mu ase na wahu sɛnea wɔbɛhwɛ sɛ download fibea ahorow no yɛ nokware.
• Akontaabu softwea a wɔde ahyɛ mu nnansa yi wɔ awiei nyinaa. Sɛ ebia obi a ɔwɔ wo kuw no mu akɔ 7zip.com a, fa saa mfiri no sɛ nea ebetumi asɛe na fi ase yɛ asɛm a esii ho mmuae ho nhyehyɛe ntɛm ara.

Wɔ akwan a wɔfa so yɛ ade akyi no, amammerɛ a ɛfa ahobammɔ-di kan adwene a wobɛkyekyere wɔ w’ahyehyɛde no nyinaa mu no yɛ ahobammɔ a ɛtra hɔ kyɛ sen biara fi asetra mu mfiridwuma ne domain spoofing ntua ho.

Sɛ Wokɔ 7zip.com a, Dɛn na Ɛsɛ sɛ Woyɛ?

Sɛ wosusu sɛ woatwe software afiri 7zip.com a, yɛ ho biribi ntɛm ara. Twa afiri a ɛka wo no fi wo network no ho na amma antrɛw wɔ afã horow no. Fa antivirus ne anti-malware adwinnade a agye din di dwuma de yɛ scan a edi mũ. Change all passwords that were stored in browsers on the affected machine — prioritize banking, email, and business accounts. Hwɛ wo browser no credentials a wɔakora so no mu na ma multi-factor authentication nyɛ adwuma wɔ akontaabu a ɛho hia nyinaa so. Bɔ asɛm a esii no ho amanneɛ kyerɛ wo IT anaa ahobanbɔ kuw no na susuw ho sɛ wode adwumayɛfo a wɔyɛ adwumaden bedi dwuma wɔ asɛm a esii ho mmuaema mu sɛ ebia wɔanya adwumayɛ ho nsɛm a ɛho hia a.

Mfa no sɛ sɛ woyi fael a woatwe no afi so a, esiesie ɔhaw no. Malware payloads pii de persistence mechanisms si hɔ a ɛtra ase wɔ software yiyi ne mpo system reboots.

Nsɛmmisa a Wɔtaa Bisa

So 7-Zip ankasa yɛ nhyehyɛe a asiane wom?

Dabi. 7-Zip softwea a ɛfata, a wobetumi anya afi 7-zip.org no yɛ fael akorae a wotumi de ho to so, a wɔabue ano a ɛwɔ abakɔsɛm a ɛware sɛ wɔde di dwuma dwoodwoo. Asiane no nyinaa wɔ atoro wɛbsaet a ɛwɔ 7zip.com a ɛkyekyɛ instɔler no atoro nkyerɛase ahorow a wɔde malware abɔ mu no so. Bere nyinaa twe 7-Zip nkutoo fi aban hyphened domain: 7-zip.org.

Mɛyɛ dɛn ahu sɛ malware a efi 7zip.com no da so ara yɛ adwuma wɔ me system no so?

Nsɛnkyerɛnneɛ a ɛtaa ba no bi ne CPU anaa ntwamutam dwumadie a ɛyɛ soronko, dwumadie foforɔ a wonnim a ɛrekɔ so wɔ Task Manager mu, brawsa a ɛyɛ brɛoo, akonta a wɔatoto mu a wɔnhwɛ kwan, anaa kɔkɔbɔ a ɛfiri wo antivirus softwea mu. Nanso, nnɛyi info-wiafo pii yɛ adwuma komm. Sɛ woatwe afiri 7zip.com a, fa afiri no sɛ ɛyɛ nea asɛe a sɛnkyerɛnne a ɛda adi mfa ho na yɛ forensic scan a edi mũ.

So adwuma sohwɛ kwan a wode bedi dwuma no betumi aboa ma ahobammɔ ho asiane a ɛte sɛɛ so atew?

Yiw. Adwumayɛbea ahorow a ɛwɔ mfinimfini a ɛhwɛ softwea a wɔtɔ so, adwumayɛfo kwan a wɔfa so kɔ hɔ, ne adwumayɛ nhyehyɛe gyinapɛn so tew sɛnea ɛbɛyɛ yiye sɛ adwumayɛfo benya nnwinnade afi mmeae foforo a wɔanhwehwɛ mu. Sɛ softwea a wɔtwe ne nea wɔpene so no, nhyehyɛe bi a ɛwɔ mfinimfini a ahobammɔ ho nhyehyɛe a wɔde ahyɛ mu na ɛkyerɛ so a, ntua a ɛwɔ hɔ ma ɔsatu ahorow a wɔde kyerɛw nsɛm no so tew kɛse.

Sɛ wobɛbɔ w’adwuma ho ban afi ahunahuna te sɛ 7zip.com malware ɔsatu no ho a, ɛhwehwɛ sɛ wunya nnwinnade a ɛfata, ntetee a ɛfata, ne adwumayɛ fapem a ɛfata. Mewayz ma wo kuw no adwumayɛ nhyehyɛe a ɛyɛ biako, ahobammɔ wom — module ahorow 207 a wɔaka abom a ɛkata biribiara so fi kuw sohwɛ so kosi adwumayɛ nhyehyɛe a wɔde yɛ adwuma so — enti wosɛe bere kakraa bi de siesie mmerɛwyɛ ahorow na wode bere pii sisi. Nnipa bɛboro 138,000 na wɔwɔ Mewayz mu ahotoso sɛ ɛbɛma wɔn adwumayɛ ayɛ yiye na ahobammɔ wom.

Fi ase wo Mewayz akwantu no nnɛ wɔ app.mewayz.com — nhyehyɛe ahorow fi ase fi $19/ɔsram pɛ.