Ammyy’yi müşterilerinize indirtmeyin
ve indirmeyin. Bildiğiniz gibi Ammyy Rus programı. Uçak krizinden bu yana Türk
IP’lerine Cryptologger gömülü dosya veriyorlar.
Virüs programları ile indirilen dosya
tarandığında aşağıdaki sonuç çıkıyor;
Kasım ayından itibaren virüs
barındırdığı söyleniyor.
bir ara yukardakini yayınlamışlardı.
Ammyy’nin idaasına göre kasımda siteleri hacklenmiş ve sitelerinde crypto
locker versiyonlu program eklemeleri yapılmış. Niye temizlemedikleri de ayrı
konu crypto locker da rus kaynaklı olunca insan şüphelenmeden edemiyor.
Konu ile ilgili linkler:
The official website of the remote
desktop software Ammyy Admin has recently been hacked and has offered several
days a contaminated version allowing users by a group of cyber criminals were
spied upon. Ammyy Admin makes it possible to record on remote computers.The
official website of the remote desktop software Ammyy Admin has recently been
hacked and has offered several days a contaminated version allowing users by a
group of cyber criminals were spied upon. Ammyy Admin makes it possible to
record on remote computers.
According to the developers make more
than 50 million people, both business and private use of the software. It is
used by companies in the Fortune 500, as well as banks. Also telephone scammers
use the software. Some detect anti-virus programs Ammyy Admin whatsoever as
unwanted software. According to the Slovak anti-virus company ESET is the
remote desktop software especially popular in Russia.
On October 26 ESET discovered that on
the website malware was offered. The free version of Ammyy Admin was replaced
with an infected version. Until November 2 the infected version was offered.
The installer installed the real Ammyy Admin software, as well as a file called
AmmyyService.exe or AmmyySvc.exe that contained the malware. Then analyzed the
malware existing software and websites visited.
Hiç yorum yok:
Yorum Gönder