{"id":11093,"date":"2022-10-07T11:39:27","date_gmt":"2022-10-07T08:39:27","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=11093"},"modified":"2022-10-07T11:39:27","modified_gmt":"2022-10-07T08:39:27","slug":"nullmixer-trojan-dropper","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/nullmixer-trojan-dropper\/11093\/","title":{"rendered":"NullMixer: birden \u00e7ok k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bir arada"},"content":{"rendered":"

Korsan yaz\u0131l\u0131m indirmek her zaman \u015fans i\u015fi. Baz\u0131lar\u0131 \u015fansl\u0131yken baz\u0131lar\u0131 daha az \u015fansl\u0131. Kullan\u0131c\u0131, lisans sat\u0131n al\u0131rken \u00f6dedi\u011finden daha fazla para kaybedebilir. Korsan oyun<\/a> gibi g\u00f6r\u00fcnen ve torrentler<\/a> sayesinde yay\u0131lan \u00e7e\u015fitli k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m t\u00fcrleri hakk\u0131nda \u00e7ok kez konu\u015ftuk. Ge\u00e7ti\u011fimiz g\u00fcnlerde, ara\u015ft\u0131rmac\u0131lar\u0131m\u0131z, kullan\u0131c\u0131lar\u0131n lisanss\u0131z yaz\u0131l\u0131m indirirken kar\u015f\u0131la\u015fabilece\u011fi bir ba\u015fka yayg\u0131n tehdit olan NullMixer dropper\u0131 konu alan\u00a0 yeni bir \u00e7al\u0131\u015fma yay\u0131nlad\u0131<\/a>.<\/p>\n

Truva at\u0131 dropperlar\u0131 nelerdir? \u00d6rne\u011fin \u2014 NullMixer<\/h2>\n

Basit\u00e7e tan\u0131mlamak gerekirse, Truva at\u0131 dropperlar\u0131<\/a> (ya da sadece \u201cdropperlar\u201d), k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 da\u011f\u0131tmak i\u00e7in kullan\u0131lan ara\u00e7lard\u0131r. Ama\u00e7lar\u0131, di\u011fer k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 (baz\u0131 durumlarda birka\u00e7 olayda) kullan\u0131c\u0131n\u0131n cihaz\u0131na, ona fark ettirmeden y\u00fcklemektir. NullMixer\u2019\u0131 \u00f6rne\u011fini inceleyerek, bunu nas\u0131l yapt\u0131klar\u0131na bakal\u0131m.<\/p>\n

Bu dropper, kullan\u0131c\u0131lara korsan yaz\u0131l\u0131m ve crack<\/a> (yasal yaz\u0131l\u0131m\u0131n korumas\u0131n\u0131 k\u0131ran ara\u00e7lar) vaat eden siteler taraf\u0131ndan da\u011f\u0131t\u0131l\u0131yor. K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m geli\u015ftiricileri, arama motoru optimizasyonu (SEO)<\/a> ara\u00e7lar\u0131n\u0131 becerikli bir \u015fekilde kullan\u0131yor. \u201cCracked yaz\u0131l\u0131m\u201d veya \u201ckeygen\u201d (key generator <\/a>i\u00e7in kullan\u0131lan argo terim) gibi aramalar i\u00e7in, bahsi ge\u00e7en bu k\u00f6t\u00fc ama\u00e7l\u0131 siteler genellikle arama sonu\u00e7lar\u0131nda en \u00fcstte yer al\u0131yor.<\/p>\n

Kullan\u0131c\u0131 b\u00f6yle bir siteden korsan yaz\u0131l\u0131m indirmeye \u00e7al\u0131\u015f\u0131rken, belirli bir internet sayfas\u0131na ula\u015fana kadar birka\u00e7 kez y\u00f6nlendiriliyor. Bu sayfada, parola korumal\u0131 bir ar\u015fivin ba\u011flant\u0131s\u0131, bu ar\u015fivin nas\u0131l indirilece\u011fi ve nas\u0131l a\u00e7\u0131laca\u011f\u0131na ili\u015fkin talimatlar ile kar\u015f\u0131la\u015f\u0131yorlar.<\/p>\n

\u00a0<\/p>\n

\"\"

Sahte korsan yaz\u0131l\u0131m indirirken kar\u015f\u0131la\u015f\u0131lan ar\u015fiv ve talimatlar<\/p><\/div>\n

\u00a0<\/strong><\/p>\n

\u0130yi haber, kurban\u0131n sadece siteyi ziyaret etmesiyle bula\u015fan hileli mekanizmalar\u0131n\u0131n olmamas\u0131. Ba\u011flant\u0131n\u0131n t\u0131klanmas\u0131ndan k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n indirilmesine ve ba\u015flat\u0131lmas\u0131na kadar t\u00fcm ad\u0131mlar\u0131, kullan\u0131c\u0131lar\u0131n ger\u00e7ekle\u015ftirmesi gerekiyor. Kurban ku\u015fkulan\u0131r ve geriye kalan ad\u0131mlar\u0131 tamamlamazsa, bilgisayara hi\u00e7bir \u015fey olmaz. Nullmixer distrib\u00fct\u00f6rleri, \u00e7ok a\u00e7\u0131k bir bi\u00e7imde sahte bir g\u00fcvenlik duygusu yarat\u0131yor ve buna g\u00fcveniyorlar. Bir\u00e7ok kullan\u0131c\u0131, arama sonu\u00e7lar\u0131n\u0131n ilk sayfas\u0131nda k\u00f6t\u00fc bir \u015feyle kar\u015f\u0131la\u015fmayaca\u011f\u0131n\u0131 d\u00fc\u015f\u00fcn\u00fcyor ve bu y\u00fczden bir anl\u0131k dikkatsizlikle cihazlar\u0131na Truva At\u0131 kuruyor.<\/p>\n

NullMixer ile gelen k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar<\/h2>\n

NullMixer ayn\u0131 anda bir\u00e7ok k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 \u00e7al\u0131\u015ft\u0131r\u0131yor ve bunlar\u0131n yar\u0131s\u0131ndan fazlas\u0131 k\u00f6t\u00fc ama\u00e7l\u0131 indirme programlar\u0131<\/a>. Yani, bir kez ba\u015flat\u0131ld\u0131\u011f\u0131nda, sisteminize ba\u015fka bir \u015fey (veya daha b\u00fcy\u00fck olas\u0131l\u0131kla bir\u00e7ok \u015fey) indiriyorlar. Sonu\u00e7 olarak, istedi\u011finiz program yerine bir s\u00fcr\u00fc k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m edinmi\u015f oluyorsunuz.<\/p>\n

\u0130ndirme programlar\u0131 d\u0131\u015f\u0131nda pakette ba\u015fka neler var? Tam bir h\u0131rs\u0131z<\/a> tak\u0131m\u0131, yani oturum a\u00e7ma kimlik bilgilerini edinmeye \u00e7al\u0131\u015fan programlar. Aralar\u0131nda en k\u00f6t\u00fc \u015f\u00f6hretlisi, ara\u015ft\u0131rmac\u0131lar\u0131n radarlar\u0131na ilk kez 2020\u2019de giren ve o zamandan beri \u201cpazar lideri\u201d haline gelen RedLine<\/a>. Parolalar\u0131, banka kart\u0131 bilgilerini, kripto c\u00fczdan anahtarlar\u0131n\u0131, parola olmadan hesaplar\u0131n\u0131za giri\u015f yap\u0131lmas\u0131n\u0131 sa\u011flayan oturum tan\u0131mlama bilgilerini ve anl\u0131k mesajlar\u0131 \u00e7alar.<\/p>\n

NullMixer kurbanlar\u0131, indirme programlar\u0131 ve h\u0131rs\u0131zlar\u0131n yan\u0131 s\u0131ra, \u00f6zellikle DanaBot<\/a> olmak \u00fczere birka\u00e7 bankac\u0131l\u0131k Truva at\u0131n\u0131<\/a> da indirmi\u015f oluyor. DanaBot, cihazdan bilgi \u00e7almakla kalm\u0131yor, ayn\u0131 zamanda \u00e7evrimi\u00e7i ma\u011faza veya sosyal a\u011f sayfalar\u0131na sahte formlar yerle\u015ftiriyor. B\u00f6ylece kurbanlar, banka kartlar\u0131n\u0131n bilgilerini payla\u015fm\u0131\u015f oluyor. Belki de en \u00f6nemlisi, DanaBot\u2019un, sahiplerine vir\u00fcsl\u00fc cihaza tam eri\u015fim sa\u011flamas\u0131. B\u00f6ylece, sald\u0131rganlar istediklerini yapabiliyor.<\/p>\n

Ayr\u0131ca, NullMixer \u00fcr\u00fcn yelpazesinde tam te\u015fekk\u00fcll\u00fc casus yaz\u0131l\u0131mlar da bulunuyor. PseudoManuscrypt<\/a> Truva At\u0131, kullan\u0131c\u0131 verilerini \u00e7alabilir (bir VPN ile g\u00f6nderildi\u011finde bile), ekran g\u00f6r\u00fcnt\u00fcleri alabilir, ses ve ekran g\u00f6r\u00fcnt\u00fcs\u00fc kaydedebilir. ,Ayn\u0131 bir casus gibi izlerini de kapatabilen PseudoManuscrypt, etkinli\u011fini gizlemek i\u00e7in sistem g\u00fcnl\u00fcklerini<\/a> siler.<\/p>\n

Siber su\u00e7lular\u0131n a\u011f\u0131na d\u00fc\u015fmemenin yollar\u0131<\/h2>\n

Ba\u015fta da belirtti\u011fimiz gibi korsan yaz\u0131l\u0131m indirmek her zaman risklidir. Bu y\u00fczden, her zaman oldu\u011fu gibi \u00f6nerimiz, sadece resmi kaynaklardan indirdi\u011finiz lisansl\u0131 programlar\u0131 y\u00fcklemeniz. Herhangi bir nedenle \u00fccretli lisans sat\u0131n alam\u0131yorsan\u0131z, her zaman \u00fccretsiz bir alternatif arayabilir, bir s\u00fcre deneme s\u00fcr\u00fcm\u00fcn\u00fc kullanabilir veya indirimleri bekleyebilirsiniz. \u00d6rne\u011fin bu g\u00f6nderimiz<\/a>, yasalara kar\u015f\u0131 gelmeden veya paran\u0131z\u0131 ya da hesaplar\u0131n\u0131z\u0131 riske atmadan oyunlardan nas\u0131l tasarruf edece\u011finizi a\u00e7\u0131kl\u0131yor.<\/p>\n

Cihaz\u0131n\u0131z\u0131n ger\u00e7ekten g\u00fcvende oldu\u011fundan emin olmak i\u00e7in k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 uzak tutacak\u00a0g\u00fcvenilir bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc<\/a> kullan\u0131n. \u00dcr\u00fcnlerimiz NullMixer\u2019\u0131 ve onunla birlikte gelen c\u00fcmb\u00fc\u015f\u00fc ba\u015far\u0131l\u0131 bir \u015fekilde a\u011f\u0131na d\u00fc\u015f\u00fcr\u00fcr.<\/p>\n\n","protected":false},"excerpt":{"rendered":"

NullMixer dropper\u0131n\u0131n bir cihaza bir s\u00fcr\u00fc Truva at\u0131n\u0131 nas\u0131l indirebilece\u011fini a\u00e7\u0131kl\u0131yoruz.<\/p>\n","protected":false},"author":2477,"featured_media":11094,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[2402,2463,2593,1986,113],"class_list":{"0":"post-11093","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-dropperlar","9":"tag-korsanlar","10":"tag-nullmixer","11":"tag-truva-atlari","12":"tag-windows"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/nullmixer-trojan-dropper\/11093\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/nullmixer-trojan-dropper\/24741\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/nullmixer-trojan-dropper\/20212\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/nullmixer-trojan-dropper\/27215\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/nullmixer-trojan-dropper\/25069\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/nullmixer-trojan-dropper\/25372\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/nullmixer-trojan-dropper\/27911\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/nullmixer-trojan-dropper\/27253\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/nullmixer-trojan-dropper\/34055\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/nullmixer-trojan-dropper\/45723\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/nullmixer-trojan-dropper\/19559\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/nullmixer-trojan-dropper\/20128\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/nullmixer-trojan-dropper\/29356\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/nullmixer-trojan-dropper\/32603\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/nullmixer-trojan-dropper\/28523\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/nullmixer-trojan-dropper\/25492\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/nullmixer-trojan-dropper\/31116\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/nullmixer-trojan-dropper\/30806\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/truva-atlari\/","name":"Truva Atlar\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11093","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2477"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=11093"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11093\/revisions"}],"predecessor-version":[{"id":11096,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11093\/revisions\/11096"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/11094"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=11093"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=11093"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=11093"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}