{"id":8960,"date":"2022-04-11T17:36:04","date_gmt":"2022-04-11T14:36:04","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=8960"},"modified":"2022-04-11T17:36:04","modified_gmt":"2022-04-11T14:36:04","slug":"850-000-bilgisayara-bulasan-retadup-etkisiz-hale-getirildi","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=8960","title":{"rendered":"850.000 Bilgisayara Bula\u015fan Retadup, Etkisiz Hale Getirildi"},"content":{"rendered":"<p>Retadup isimli ziyanl\u0131 yaz\u0131l\u0131m, bilgisayarlara bula\u015f\u0131yor ve bir bilgisayar\u0131n i\u015flemcisini kripto para madencili\u011fi i\u00e7in kullanmaya ba\u015fl\u0131yor. Berbat hedefli yaz\u0131l\u0131m, temelde para kazanmak i\u00e7in kullan\u0131lm\u0131\u015f olmas\u0131na ra\u011fmen\u00a0bu ziyanl\u0131 yaz\u0131l\u0131mlar, basit\u00e7e casus yaz\u0131l\u0131m yahut fidye yaz\u0131l\u0131m\u0131 \u00fczere di\u011fer berbat emelli kodlar\u0131 da \u00e7al\u0131\u015ft\u0131rabiliyor.<\/p>\n<p>Berbat maksatl\u0131 yaz\u0131l\u0131m, birebir vakitte bilgisayardan bilgisayara yay\u0131lmas\u0131na m\u00fcsaade veren kayda k\u0131ymet riskli \u00f6zelliklere de sahip. Retadup, birinci ortaya \u00e7\u0131kmas\u0131ndan bu yana ABD, Rusya,\u00a0Orta ve G\u00fcney Amerika d\u00e2hil olmak \u00fczere t\u00fcm d\u00fcnyaya yay\u0131ld\u0131.<\/p>\n<p><b>Avast, Retadup\u2019u\u00a0etkisiz h\u00e2le getirdi:<\/b><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/17\/af2f1476b85e02e95ce4ae7b9cee9718c1ce7a08.jpeg\"\/><\/p>\n<p>Y\u0131llar\u0131n g\u00fcvenlik firmas\u0131 Avast ise bu casus yaz\u0131l\u0131m\u0131n\u0131 etkisiz h\u00e2le getirdiklerini bir blog yaz\u0131s\u0131yla duyurdu. Avast, berbat gayeli yaz\u0131l\u0131m\u0131n komut ve denetim sunucusundaki bir yaz\u0131l\u0131m kusurunu ke\u015ffettikten sonra bu yaz\u0131l\u0131ma m\u00fcdahale etmek i\u00e7in d\u00e2hil oldu.<\/p>\n<p>G\u00fcvenlik firmas\u0131, bu mak\u00fbs hedefli yaz\u0131l\u0131m\u0131n kurbanlar\u0131n bilgisayarlar\u0131na girerek bu ziyanl\u0131 yaz\u0131l\u0131m\u0131 ortadan kald\u0131racakt\u0131 ancak\u00a0Avast, bu s\u00fcreci yapmak i\u00e7in k\u00e2fi yasal otoriteye sahip de\u011fildi. Makus emelli yaz\u0131l\u0131m\u0131n altyap\u0131s\u0131n\u0131n bir\u00e7ok Fransa&#39;da bulundu\u011fundan\u00a0Avast, Frans\u0131z polisi ile temasa ge\u00e7ti.<\/p>\n<p>Temmuz ay\u0131ndan beri \u00e7al\u0131\u015fmalar\u0131na devam eden Frans\u0131z polisi, sunucuyu denetim alt\u0131na alma ve etkilenen bilgisayarlar\u0131 temizleme i\u00e7in operasyonlara ba\u015flad\u0131. Frans\u0131z polisine nazaran Retadup, d\u00fcnyan\u0131n en b\u00fcy\u00fck botnet a\u011f\u0131 olarak de\u011ferlendirildi.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/17\/52c6d200708fca18e27176fd67c364cd73592fb7.jpeg\"\/><\/p>\n<p>Ara\u015ft\u0131rmac\u0131lar;\u00a0k\u00f6t\u00fc gayeli yaz\u0131l\u0131m operat\u00f6rleri taraf\u0131ndan fark edilmemesi i\u00e7in dikkatle \u00e7al\u0131\u015fmak zorunda olduklar\u0131n\u0131, mak\u00fbs emelli yaz\u0131l\u0131m operat\u00f6rlerinin misillemede bulunabilece\u011finden korktuklar\u0131n\u0131 s\u00f6ylediler. G\u00fcvenlik \u015firketi,<em> &#8220;K\u00f6t\u00fc hedefli yaz\u0131l\u0131m geli\u015ftiricileri, \u00e7o\u011funlukla uygun bir pasif gelir elde ederek kripto para madencili\u011fi yap\u0131yorlard\u0131 fakat Retadup&#39;u b\u00fcsb\u00fct\u00fcn ortadan kald\u0131rmak \u00fczere oldu\u011fumuzu anlarlarsa\u00a0k\u00f6t\u00fc hedefli yaz\u0131l\u0131mlar\u0131n\u0131 son vurgunlar\u0131n\u0131 yapmak i\u00e7in y\u00fcz binlerce bilgisayara fidye yaz\u0131l\u0131m\u0131 g\u00f6nderebilirlerdi\u201d<\/em> a\u00e7\u0131klamas\u0131n\u0131 yapt\u0131. \u00a0<\/p>\n<p><b>Botnet, sunucularda bulunan bir a\u00e7\u0131k sayesinde imha edildi:<\/b><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/17\/0bd90c09e53717c809a70c8aeb0d7d71c11e9025.jpeg\"\/><\/p>\n<p>Polis, berbat niyetli komut ve denetim sunucusunu\u00a0Retadup&#39;un kendi kendini imha etme durumlar\u0131n\u0131 birbirine ba\u011flayan haz\u0131rlanm\u0131\u015f bir dezenfeksiyon sunucusuyla de\u011fi\u015ftirdi. Aktifli\u011finin birinci saniyesinde, sunucudan komut almak i\u00e7in birka\u00e7 bin robot ba\u011fland\u0131. Dezenfeksiyon sunucusu onlara kar\u015f\u0131l\u0131k verdi ve onlar\u0131 dezenfekte ederek protokol tasar\u0131m kusurunu berbata kulland\u0131. Bunu yaparak\u00a0\u015firket, berbat hedefli yaz\u0131l\u0131m\u0131n \u00e7al\u0131\u015fmas\u0131n\u0131 durdurabildi ve makus maksatl\u0131 kodu 850.000&#39;den fazla vir\u00fcsl\u00fc bilgisayarda kald\u0131rd\u0131.<\/p>\n<p>Frans\u0131z polisinin siber \u00fcnite lideri Jean-Dominique Nollet, makus gayeli yaz\u0131l\u0131m operat\u00f6rlerinin birka\u00e7 milyon euro bedelinde kripto para \u00fcnitesi \u00fcretti\u011fini s\u00f6yledi. Bir berbat maksatl\u0131 yaz\u0131l\u0131m botnetin uzaktan kapat\u0131lmas\u0131, bu alanda ender g\u00f6r\u00fclebilecek bir muvaffakiyet olarak yorumlan\u0131yor.<\/p>\n<div> <\/div>\n<div>\n<div> <\/div>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Retadup isimli ziyanl\u0131 yaz\u0131l\u0131m, bilgisayarlara bula\u015f\u0131yor ve bir bilgisayar\u0131n i\u015flemcisini kripto para madencili\u011fi i\u00e7in kullanmaya ba\u015fl\u0131yor. Berbat &#8230;<\/p>\n","protected":false},"author":1,"featured_media":8961,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[15],"tags":[1590,2036,1237],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/8960"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8960"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/8960\/revisions"}],"predecessor-version":[{"id":8962,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/8960\/revisions\/8962"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/8961"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8960"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8960"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8960"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}