{"id":17038,"date":"2022-04-26T15:36:04","date_gmt":"2022-04-26T12:36:04","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=17038"},"modified":"2022-04-26T15:36:04","modified_gmt":"2022-04-26T12:36:04","slug":"antivirusunuzu-devre-disi-birakan-fidye-yazilimi-bulundu","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=17038","title":{"rendered":"Ransomware That Disables Your Antivirus Discovered"},"content":{"rendered":"<p>People generally think they are safe once they install <strong>antivirus<\/strong> software on their computers. However, new research shows that even with antivirus software on your system, you are never <strong>as safe as you think<\/strong>. According to the research, hackers are now using antivirus software itself <strong>to disable<\/strong> antivirus software.<\/p>\n<p>Research by a security company named Sophos revealed that a new \u201c<strong>ransomware<\/strong>\u201d can invade Windows systems. The software manages to infiltrate the Windows system by attacking Gigabyte\u2019s drivers. 
It then loads a second driver onto the system and disables the running antivirus.<\/p>\n<p><b>It exploits a vulnerability discovered in 2018:<\/b><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/44\/8cf3ceccaae88d34094d84f11f1ba70d2e91a2b2.jpeg\"\/><\/p>\n<p>The ransomware exploits a vulnerability that Gigabyte discovered in 2018. Gigabyte had <strong>previously<\/strong> acknowledged that such a vulnerability existed in systems. Thanks to this vulnerability, hackers can easily reach the system and, by disabling the antivirus on that computer, carry out their actions freely.<\/p>\n<p>The second driver that the hackers load onto the system <strong>blocks<\/strong> the processes and files of the antivirus on the system. Meeting no resistance, the virus thus settles comfortably onto the victim\u2019s computer. Sophos also mentioned in its statement that this is the first time such a virus has been discovered.<\/p>\n<p>The ransomware uses <strong>a third-party driver<\/strong> that also carries Microsoft\u2019s signature. This driver can modify kernel files in order to load its own malicious driver. 
The normal driver, whose kernel files have been changed, is thus completely disabled.<\/p>\n<p>Ransomware is software used by malicious hackers who want to demand a ransom from their victims. According to reports, people who fall victim to the hackers have to <strong>pay a fee<\/strong> to access the files on their computers. If the victim does not pay, another 10,000 dollars is added to the amount they owe with each passing day.<\/p>\n<p>The executable file in Gigabyte\u2019s <strong>gdrv.sys<\/strong> driver used by the hackers is named Steel.exe. It extracts a file named <strong>ROBNR.EXE<\/strong> and places it in the Windows temporary files folder. ROBNR.EXE loads two different drivers, one of which is Gigabyte\u2019s.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>People generally think they are safe once they install antivirus software on their computers. 
However, a new study, on your system &#8230;<\/p>\n","protected":false},"author":1,"featured_media":17039,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[854],"tags":[2682,2931,3346,1691],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/17038"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=17038"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/17038\/revisions"}],"predecessor-version":[{"id":17040,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/17038\/revisions\/17040"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/17039"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=17038"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=17038"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=17038"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}