{"id":46185,"date":"2025-06-10T16:59:14","date_gmt":"2025-06-10T09:59:14","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=46185"},"modified":"2025-06-10T16:59:14","modified_gmt":"2025-06-10T09:59:14","slug":"cac-goi-pypi-npm-va-ruby-doc-hai-bi-phat-hien-trong-cac-cuoc-tan-cong-chuoi-cung-ung-nguon-mo-dang-dien-ra","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/cac-goi-pypi-npm-va-ruby-doc-hai-bi-phat-hien-trong-cac-cuoc-tan-cong-chuoi-cung-ung-nguon-mo-dang-dien-ra\/","title":{"rendered":"Malicious PyPI, npm and Ruby packages discovered in ongoing open-source supply chain attacks"},"content":{"rendered":"<p class=\"mt-3 excerpt\">Several malicious packages have been discovered in the npm, Python and Ruby package repositories that can drain funds from cryptocurrency wallets, delete entire codebases after installation and steal Telegram API tokens, once again demonstrating the variety of disguised supply chain threats in open-source ecosystems.<\/p>\n<article id=\"content\" class=\"content gradient\">These findings come from multiple reports published in recent days by the security firms Checkmarx, ReversingLabs, Safety and Socket. 
The security firm Socket (US) noted that two malicious Ruby packages were distributed by a threat actor under the aliases B\u00f9i Nam, buidanhnam and si_mobile, just days after the messaging app\u00a0<a href=\"https:\/\/antoanthongtin.vn\/tin\/ngan-chan-cac-hoat-dong-cua-telegram-tai-viet-nam\">Telegram was blocked in Vietnam<\/a>\u00a0late last month over violations in cyberspace and the app's growing abuse for illegal activities.<\/p>\n<p>\u201cThis threat actor silently exfiltrated all data sent to the\u00a0<a href=\"https:\/\/antoanthongtin.vn\/tin\/nga-phat-ung-dung-tin-nhan-telegram-vi-pham-quy-dinh-truy-cap-thong-tin\">Telegram<\/a>\u00a0API by redirecting traffic through a command-and-control (C2) server under their control. 
This data includes bot tokens, chat IDs, message content and attached files,\u201d said Socket researcher Kirill Boychenko.<\/p>\n<p>Socket stressed that the malicious packages are \u201cnear-identical clones\u201d of the legitimate Fastlane plugin \u201cfastlane-plugin-telegram\u201d, a widely used library for sending deployment notifications to Telegram channels from CI\/CD pipelines.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/dulieu.antoanthongtin.gov.vn\/tapchiantoanthongtin\/8f055952-59af-4dfd-9f63-5cdf46b4cc47\/pack.png\" \/><\/p>\n<p><em>Malicious PyPI, npm and Ruby packages<\/em><\/p>\n<p>Because the malicious packages are not region-restricted and contain no geofencing logic, the researchers assess that the attackers are simply exploiting the Telegram ban in Vietnam to distribute counterfeit libraries under the guise of a proxy.<\/p>\n<p>\u201cThis campaign illustrates how quickly threat actors can exploit geopolitical events to launch targeted supply chain attacks. 
By abusing a widely used development tool such as Fastlane and disguising credential-stealing functionality behind a proxy service, the attackers leveraged developers' trust in the open-source ecosystem to infiltrate CI\/CD environments,\u201d Boychenko said.<\/p>\n<p>Socket also said it discovered an npm package named \u201cxlsx-to-json-lh\u201d that triggers a malicious payload. The package contains a hidden payload that establishes a persistent connection to a C2 server. 
Security researcher Kush Pandya said: \u201cWhen triggered, it can delete the entire project directory without warning or any recovery option\u201d.<\/p>\n<p>Specifically, the destructive actions are triggered when the C2 server issues the French command \u201cremise \u00e0 z\u00e9ro\u201d (meaning \u201creset\u201d), which instructs the malicious package to delete source code files, version control data, configuration files, node_modules and all project assets.<\/p>\n<p>Another set of\u00a0<a href=\"https:\/\/antoanthongtin.vn\/tin\/cuoc-tan-cong-chuoi-cung-ung-moi-xam-pham-den-goi-npm-pho-bien-voi-45000-luot-tai-xuong-hang-tuan\">malicious npm<\/a>\u00a0packages, including pancake_uniswap_validators_utils_snipe, pancakeswap-oracle-prediction, ethereum-smart-contract and env-process, was also found to be able to steal 80 to 85% of the funds in a victim's\u00a0<a href=\"https:\/\/antoanthongtin.vn\/tin\/phat-hien-lo-hong-bao-mat-hop-dong-thong-minh-tren-nen-tang-ethereum-dua-tren-ky-thuat-thuc-thi-tuon\">Ethereum<\/a>\u00a0or BSC wallet, using obfuscated JavaScript code, and transfer them to an attacker-controlled wallet. 
These packages were uploaded by a user named @crypto-exploit and attracted more than 2,100 downloads. They are no longer available.<\/p>\n<p>Similar cryptocurrency-themed malicious packages discovered on\u00a0<a href=\"https:\/\/antoanthongtin.vn\/tin\/canh-bao-cac-goi-pypi-doc-hai-loi-dung-gmail-de-danh-cap-du-lieu-va-chiem-doat-he-thong\">PyPI<\/a>\u00a0incorporated covert functionality to steal Solana private keys, source code and other sensitive data from compromised systems. Notably, while the \u201csemantic-types\u201d package was benign when first uploaded on 22 December 2024, the malicious payload was discovered in the form of an update on 26 January 2025.<\/p>\n<p>The attacker behind the Python packages, who published them to the repository under the alias \u201ccappership\u201d, is said to have used edited README files and linked them to\u00a0<a href=\"https:\/\/antoanthongtin.vn\/tin\/poc-lua-dao-cua-lo-hong-ldapnightmware-tren-github-phat-tan-phan-mem-doc-hai-danh-cap-thong-tin\">GitHub<\/a>\u00a0repositories to build credibility and trick users into downloading them.<\/p>\n<p>\u201cEach time a key pair is generated, the malware steals the private key. It then encrypts it with an RSA\u20112048 public key and encodes the result in Base64. The encrypted key is embedded in an spl[.]memo transaction and sent to Solana Devnet, where the threat actor can retrieve and decrypt the key to gain full access to the stolen wallet,\u201d Boychenko said.<\/p>\n<p>Separately, according to the security firm Safety (Canada), 11 malicious Python packages targeting the Solana ecosystem were uploaded to PyPI between 4 and 24 May 2025. The packages are designed to steal Python script files from the developer's system and transmit them to an external server. 
One of the identified packages, \u201csolana-live\u201d, was also found to target Jupyter Notebooks to steal information.<\/p>\n<p>In a sign that typosquatting remains a significant attack vector, the cybersecurity company Checkmarx (US) flagged 6 malicious PyPI packages impersonating colorama, alongside colorizr &#8211; a JavaScript library available on npm.<\/p>\n<p>&#8220;The tactic of using a name from one ecosystem (npm) to attack users of a different ecosystem (PyPI) is unusual. The payloads allow persistent access to and remote control of desktops and servers, as well as the harvesting and theft of sensitive data,\u201d Checkmarx said. 
What is notable about this campaign is that it targets users of both Windows and Linux systems, allowing the malware to establish a connection to a C2 server, steal sensitive environment variables and configuration information, and take steps to evade endpoint security controls.<\/p>\n<p>However, it is not yet known whether the Linux and Windows software is the work of the same attacker, raising the possibility that they are separate campaigns using the same domain-name theft tactic.<\/p>\n<p>Malicious actors have also wasted no time in exploiting the growing popularity of artificial intelligence (AI) tools to poison the software supply chain, through PyPI packages such as aliyun-ai-labs-snippets-sdk, ai-labs-snippets-sdk and aliyun-ai-labs-sdk, which are said to come from a Python software development kit (SDK) for interacting with Aliyun AI Labs services.<\/p>\n<p>The malicious packages were published on PyPI on 19 May 2024 and were available for download for less than 24 hours. However, the three packages were downloaded more than 1,700 times in total before they were removed.<\/p>\n<p>\u201cOnce installed, the malicious package delivers an information-stealing payload hidden inside a PyTorch model loaded from the initialization script. This malicious payload steals basic information about the infected machine and the contents of the .gitconfig file,\u201d said researcher Karlo Zanki of the security firm ReversingLabs (Croatia).<\/p>\n<p>The embedded malicious code collects details about the logged-in user, the network address of the infected machine, the name of the organization that owns the machine and the contents of the .gitconfig file.<\/p>\n<p>Interestingly, the organization name is obtained by reading the preference key \u201c_utmc_lui_\u201d from the configuration of the AliMeeting online meeting application, a video conferencing application popular in\u00a0<a href=\"https:\/\/antoanthongtin.vn\/tin\/cong-hoa-sec-cao-buoc-tin-tac-trung-quoc-thuc-hien-tan-cong-mang-vao-co-so-ha-tang-quan-trong\">China<\/a>. 
This suggests that the likely targets of the campaign are developers in China.<\/p>\n<p>Source: <a href=\"https:\/\/antoanthongtin.vn\/tin\/cac-goi-pypi-npm-va-ruby-doc-hai-bi-phat-hien-trong-cac-cuoc-tan-cong-chuoi-cung-ung-nguon-mo-dang-dien-ra\">Malicious PyPI, npm and Ruby packages discovered in ongoing open-source supply chain attacks | An to\u00e0n th\u00f4ng tin<\/a><\/p>\n<\/article>\n","protected":false},"excerpt":{"rendered":"<p>Several malicious packages have been discovered in the npm, Python and Ruby package repositories that can drain funds from cryptocurrency wallets, delete entire codebases after installation and steal Telegram API tokens, once again demonstrating the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":46186,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[35],"tags":[],"class_list":["post-46185","post","type-post","status-publish","format-standard","has-post-thumbnail","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/46185","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=46185"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/46185\/revisions"}],"predecessor-version":[{"id":46187,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/46185\/revisions\/46187"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/46186"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=46185"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=46185"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=46185"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}