{"id":12893,"date":"2022-04-19T02:18:04","date_gmt":"2022-04-18T23:18:04","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=12893"},"modified":"2022-04-19T02:18:04","modified_gmt":"2022-04-18T23:18:04","slug":"fidye-yazilimi-iceren-bu-windows-guncellemesini-indirmeyin","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=12893","title":{"rendered":"Fidye Yaz\u0131l\u0131m\u0131 \u0130\u00e7eren Bu Windows G\u00fcncellemesini \u0130ndirmeyin"},"content":{"rendered":"<p>Fidye yaz\u0131l\u0131mlar\u0131, bireylerin ve \u015firketlerin k\u0131ymetli datalar\u0131n\u0131 ele ge\u00e7irerek tehdit olu\u015fturuyor. Siber sald\u0131rganlar art\u0131k de daha b\u00fcy\u00fck bir kitleyi a\u011f\u0131na d\u00fc\u015f\u00fcrmek i\u00e7in Windows 10 kullan\u0131c\u0131lar\u0131n\u0131 ama\u00e7 ald\u0131. Trustwave&#39;in SpiderLab tak\u0131m\u0131ndan g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131, <strong>Cyborg fidye yaz\u0131l\u0131m\u0131yla<\/strong> Microsoft&#39;un\u00a0g\u00fcncelleme e-postalar\u0131n\u0131 taklit eden yeni bir makus maksatl\u0131 bir reklam ke\u015ffetti.\u00a0<\/p>\n<p>Hedeflenen Windows 10 kullan\u0131c\u0131lar\u0131,\u00a0ba\u015fl\u0131\u011f\u0131nda\u00a0&#39;En Son Microsoft Windows G\u00fcncellemesini Art\u0131k Y\u00fckle!&#39; yahut &#39;Kritik Microsoft Windows G\u00fcncellemesi!&#39; \u00fczere tuzak tabirler yazan e-postalarla avlan\u0131yor. Microsoft i\u015fletim sistemi \u00fczerinden sundu\u011fu g\u00fcncellemeleri asla e-posta yoluyla duyurmad\u0131\u011f\u0131ndan bu, asl\u0131nda kullan\u0131c\u0131lar i\u00e7in ziyadesiyle ku\u015fkulu bir durum.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/30\/997ad69b019b75dd5c67a2e29b5a39205fc8d399.jpeg\"\/><\/p>\n<p>E-postada,\u00a0<em>&#8220;L\u00fctfen bu e-postaya ekli\u00a0Microsoft&#39;un son kritik yenile\u015ftirmesini y\u00fckleyin&#8221;<\/em> iletisi yer al\u0131yor. Uydurma g\u00fcncelleme eki <strong>&#8220;.jpg&#8221;<\/strong> belge uzant\u0131s\u0131na sahip olsa da, asl\u0131nda bir g\u00f6rsel de\u011fil ve fidye yaz\u0131l\u0131m\u0131n\u0131 bilgisayar\u0131n\u0131za bula\u015ft\u0131racak\u00a0y\u00fcr\u00fct\u00fclebilir bir evrak. E-postaya eklenen bu evrak, bula\u015ft\u0131\u011f\u0131 sisteme berbat gayeli yaz\u0131l\u0131mlar\u0131 indirmek\u00a0i\u00e7in tasarlanan makus gayeli bir .NET indirmesi olarak fonksiyon g\u00f6r\u00fcyor.<\/p>\n<p>E-postaya eklenen belgeye t\u0131kland\u0131\u011f\u0131nda, i\u00e7inde z\u0131mn\u00ee olan y\u00fcr\u00fct\u00fclebilir evrak, misterbtc2020 isimli GitHub hesab\u0131ndan <strong>&#39;bitcoingenerator.exe&#39;<\/strong> isimli bir belge indiriyor. Bu evrak Cyborg Ransomware olarak bilinen ve .NET olarak derlenmi\u015f ziyanl\u0131 bir fidye yaz\u0131l\u0131m\u0131.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/30\/f4efb54790b6631d2f78e1dd15c5f14f804893cc.jpeg\"\/><\/p>\n<p>Yaz\u0131l\u0131m etkinle\u015ftirildi\u011finde\u00a0bula\u015ft\u0131\u011f\u0131\u00a0sistemdeki t\u00fcm belgeleri \u015fifreleyerek, belge isimlerini kendi belge uzant\u0131lar\u0131 777 ile de\u011fi\u015ftiriyor.\u00a0Ard\u0131ndan masa\u00fcst\u00fcnde beliren\u00a0<strong>&#39;Cyborg_DECRYPT.txt&#39;<\/strong> isimli belge, fidye notu i\u00e7eriyor.<\/p>\n<p>Ziyanl\u0131 yaz\u0131l\u0131m son olarak vir\u00fcsl\u00fc \u015fof\u00f6r\u00fcn k\u00f6k dizinine <strong>&#39;bot.exe&#39;<\/strong>\u00a0dosyas\u0131yla z\u0131mn\u00ee bir kopyas\u0131n\u0131 b\u0131rak\u0131yor. Trustwave, Cyborg fidye yaz\u0131l\u0131m\u0131n\u0131n ki\u015filer\u00a0ve i\u015fletmeler i\u00e7in \u00f6nemli bir tehdit olu\u015fturdu\u011fu belirterek kullan\u0131c\u0131lar\u0131 uyar\u0131yor.<\/p>\n<div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Fidye yaz\u0131l\u0131mlar\u0131, bireylerin ve \u015firketlerin k\u0131ymetli datalar\u0131n\u0131 ele ge\u00e7irerek tehdit olu\u015fturuyor. Siber sald\u0131rganlar art\u0131k de daha b\u00fcy\u00fck bir &#8230;<\/p>\n","protected":false},"author":1,"featured_media":12894,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[854],"tags":[1265,1351,2442,1237],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/12893"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=12893"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/12893\/revisions"}],"predecessor-version":[{"id":12895,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/12893\/revisions\/12895"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/12894"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=12893"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=12893"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=12893"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}