{"id":21988,"date":"2022-05-05T22:30:03","date_gmt":"2022-05-05T19:30:03","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=21988"},"modified":"2022-05-05T22:30:03","modified_gmt":"2022-05-05T19:30:03","slug":"bir-hacker-8-yil-boyunca-botnetle-anime-goruntuleri-indirmis","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=21988","title":{"rendered":"Bir Hacker, 8 Y\u0131l Boyunca Botnetle Anime G\u00f6r\u00fcnt\u00fcleri \u0130ndirmi\u015f"},"content":{"rendered":"<p>Siber g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131, bug\u00fcn \u00e7ok enteresan bir <strong>hackerl\u0131k<\/strong> faaliyetini kamuoyuyla payla\u015ft\u0131.\u00a0Forcepoint&#39;ten ara\u015ft\u0131rmac\u0131lar\u0131n aktard\u0131\u011f\u0131na g\u00f6re\u00a0bir hacker, yakla\u015f\u0131k 8 y\u0131l boyunca\u00a0D-Link NVR (a\u011f g\u00f6r\u00fcnt\u00fc kaydediciler) ve NAS (a\u011f temasl\u0131 depolama) ayg\u0131tlar\u0131n\u0131 bir botnete d\u00f6n\u00fc\u015ft\u00fcrd\u00fc. Sessiz sedas\u0131z yap\u0131lan bu s\u00fcrecin tek hedefiyse \u00e7evrimi\u00e7i internet sitelerine ba\u011flanarak anime g\u00f6r\u00fcnt\u00fcler indirmekti.\u00a0Cereals ismi verilen ve birinci kere <strong>2012<\/strong> y\u0131l\u0131nda g\u00f6r\u00fclen bu botnet, tepe noktas\u0131na ula\u015ft\u0131\u011f\u0131 <strong>2015<\/strong> <strong>y\u0131l\u0131nda 10.000&#39;den fazla <\/strong>botu toplayabiliyordu.<\/p>\n<p>Boyutunun b\u00fcy\u00fckl\u00fc\u011f\u00fcne\u00a0ra\u011fmen botnet, siber g\u00fcvenlik firmalar\u0131n\u0131n radar\u0131na <strong>yakalanmadan<\/strong> faaliyet y\u00fcr\u00fctmeyi ba\u015fard\u0131.\u00a0Cereals, yava\u015f\u00e7a ortadan kalkmaya ba\u015flad\u0131 zira a\u00e7\u0131klar\u0131n\u0131 kulland\u0131\u011f\u0131 D-Link ayg\u0131tlar\u0131 eskidi ve sahipleri taraf\u0131ndan kullan\u0131lmamaya ba\u015fland\u0131. Ayr\u0131ca\u00a0<strong>Cr1ptT0r<\/strong> ismi verilen bir fidye yaz\u0131l\u0131m\u0131n\u0131n 2019 y\u0131l\u0131n\u0131n k\u0131\u015f aylar\u0131ndaki D-Link ayg\u0131tlara y\u00f6nelik sald\u0131r\u0131s\u0131nda\u00a0Cereals berbat niyetli yaz\u0131l\u0131m\u0131 da yok edildi. 8 y\u0131ll\u0131k maceran\u0131n ba\u015frol\u00fc olan botnetin ve korunmas\u0131z ayg\u0131tlar\u0131n ortadan kalkmas\u0131yla birlikte\u00a0Cereals&#39;\u0131n \u00f6yk\u00fcs\u00fc kamuoyuyla payla\u015f\u0131ld\u0131.<\/p>\n<p><b>Sadece tek bir a\u00e7\u0131\u011f\u0131 kulland\u0131:<\/b><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/61\/e1e7a529f8e10fed6f075bc282f35c3eafc0e56d.png\"\/><\/p>\n<p>Ara\u015ft\u0131rmac\u0131lar\u0131n belirtti\u011fine g\u00f6re\u00a0Cereals&#39;\u0131n faaliyet y\u00fcr\u00fctme bi\u00e7imi benzersizdi zira bu botnet 8 y\u0131ll\u0131k hayat\u0131 boyunca sadece <strong>tek bir a\u00e7\u0131\u011f\u0131<\/strong> kulland\u0131. Bu a\u00e7\u0131k, D-Link ayg\u0131t yaz\u0131l\u0131m\u0131n\u0131n SMS bildirimi \u00f6zelli\u011fiyle \u015firketin NAS ve NVR ayg\u0131tlar\u0131ndaki s\u0131n\u0131r\u0131 harekete ge\u00e7irmesi \u00fczerinden istismar ediliyordu. A\u00e7\u0131k; Cereals&#39;\u0131n sahibine, savunmas\u0131z cihaz\u0131n\u00a0sunucusuna mak\u00fbs niyetli bir bi\u00e7imde d\u00fczenlenmi\u015f bir <strong>HTTP<\/strong> <strong>iste\u011fi<\/strong> yollay\u0131p bu formda k\u00f6k dizini ayr\u0131cal\u0131klar\u0131yla komut \u00e7al\u0131\u015ft\u0131rmas\u0131na imkan tan\u0131yordu.<\/p>\n<p>Forcepoint&#39;in a\u00e7\u0131klamas\u0131na nazaran hacker, interneti tarayarak bu a\u00e7\u0131\u011fa sahip D-Link sistemlerini buluyor ve bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 kullanarak Cereals yaz\u0131l\u0131m\u0131n\u0131 NAS ve NVR ayg\u0131tlar\u0131na y\u00fckl\u00fcyordu. Bununla birlikte\u00a0Cereals, tek bir a\u00e7\u0131\u011f\u0131 kullanmas\u0131na kar\u015f\u0131n bir olduk\u00e7a <strong>geli\u015fmi\u015f<\/strong> bir sistem \u00fczere g\u00f6r\u00fcn\u00fcyor. Vir\u00fcs\u00fcn bula\u015ft\u0131\u011f\u0131 ayg\u0131tlara eri\u015fim i\u00e7in <strong>4 farkl\u0131 art kap\u0131 d\u00fczene\u011fine<\/strong> sahip botnet, di\u011fer sald\u0131rganlar\u0131n sistemi ele ge\u00e7irmesini engellemek i\u00e7in ayg\u0131tlar\u0131n sistemine yama yap\u0131yordu ve botlar\u0131 <strong>12<\/strong> <strong>k\u00fc\u00e7\u00fck<\/strong> <strong>alt<\/strong> <strong>a\u011f<\/strong> arac\u0131l\u0131\u011f\u0131yla y\u00f6netiyordu.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/61\/366884caeb0ca47e49796c314c912ea01935ebce.jpeg\"\/><\/p>\n<p>Forcepoint ara\u015ft\u0131rmac\u0131lar\u0131, t\u00fcm geli\u015fmi\u015f \u00f6zelliklerine kar\u015f\u0131n Cereals&#39;\u0131n bir &#39;<strong>hobi<\/strong> <strong>projesi<\/strong>&#39; oldu\u011funu vurguluyor.\u00a0D-Link NAS ve NVR sistemlerinin \u00f6tesinde bir faaliyet y\u00fcr\u00fctmeye kalk\u0131\u015fmayan botnet, ayr\u0131yeten anime g\u00f6r\u00fcnt\u00fcleri indirmek d\u0131\u015f\u0131nda da hi\u00e7bir faaliyet i\u00e7in kullan\u0131lmam\u0131\u015f. <strong>DDoS<\/strong> <strong>h\u00fccumlar\u0131<\/strong> yapmayan botnet, y\u00f6netti\u011fi ayg\u0131tlardaki kullan\u0131c\u0131 bilgilerini elde etmek i\u00e7in de y\u00f6nlendirilmemi\u015f. Ad\u0131n\u0131n\u00a0<strong>Stefan<\/strong> oldu\u011fu s\u00f6ylenen Alman hacker\u0131n bu nedenle botneti rastgele bir c\u00fcr\u00fcm i\u015flemek gayesiyle yaratmad\u0131\u011f\u0131 d\u00fc\u015f\u00fcn\u00fcl\u00fcyor.<\/p>\n<div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Siber g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131, bug\u00fcn \u00e7ok enteresan bir hackerl\u0131k faaliyetini kamuoyuyla payla\u015ft\u0131.\u00a0Forcepoint&#39;ten ara\u015ft\u0131rmac\u0131lar\u0131n &#8230;<\/p>\n","protected":false},"author":1,"featured_media":21989,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[15],"tags":[3842,3256,3997,1035],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/21988"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=21988"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/21988\/revisions"}],"predecessor-version":[{"id":21990,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/21988\/revisions\/21990"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/21989"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=21988"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=21988"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=21988"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}