{"id":11622,"date":"2023-08-17T10:00:14","date_gmt":"2023-08-17T07:00:14","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=11622"},"modified":"2023-08-13T00:48:25","modified_gmt":"2023-08-12T21:48:25","slug":"dangerous-chrome-extensions-87-million","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/dangerous-chrome-extensions-87-million\/11622\/","title":{"rendered":"Malicious extensions in the Chrome Web Store"},"content":{"rendered":"<p>Not long ago, several dozen malicious extensions were discovered in the Chrome Web Store (the official browser extension store for Google Chrome). The most popular of these extensions had been downloaded more than nine million times, and the total number of downloads for all of them was about 87 million. In this post we explain what these extensions are and why they are dangerous.<\/p>\n<h2>Malicious extensions in the Chrome Web Store<\/h2>\n<p>It all began when independent cybersecurity researcher Vladimir Palant <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/palant.info\/2023\/05\/16\/malicious-code-in-pdf-toolbox-extension\/\">found<\/a> an extension called PDF Toolbox containing suspicious code in the Chrome Web Store. 
At first glance, the extension he found looked like a perfectly normal tool for converting Office documents and performing other simple operations on PDF files.<\/p>\n<p>PDF Toolbox had an impressive user base, with close to two million downloads and an average rating of 4.2, and it had received positive reviews. However, an interesting \u201cadditional feature\u201d was discovered inside this extension: it contacted the serasearchtop[.]com site and loaded arbitrary code into every page viewed by the user.<\/p>\n<p>Palant then searched the Chrome Web Store for other extensions that contacted this server and found several dozen more with similar additional functionality. Together these extensions had been downloaded 55 million times.<\/p>\n<p>Finally, working from the malicious extension samples he had collected, Palant ran an even more thorough search of Google\u2019s store and <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/palant.info\/2023\/05\/31\/more-malicious-extensions-in-chrome-web-store\/\">discovered 34 malicious extensions<\/a> with completely different core functions. These extensions had been downloaded 87 million times in total. The most popular malicious extension the researcher found was \u201cAutoskip for Youtube\u201d, with nine million downloads.<\/p>\n<p>The extensions had been uploaded to the Chrome Web Store in 2021 and 2022, meaning they had been there for at least six months by the time of the research. 
Moreover, the user reviews of some of them show that attentive users had noticed the extensions replacing addresses in search results with adware links. As you might guess, these complaints went unnoticed by the Chrome Web Store moderators.<\/p>\n<p>After the publication of Palant\u2019s research and of <a target=\"_blank\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/malicious-chrome-extensions-with-75m-installs-removed-from-web-store\/\" rel=\"noopener nofollow\">another article<\/a> on the same topic prepared by a team of experts, Google finally removed these dangerous extensions. But it took several well-known experts looking into the matter and pointing out the problem for that to happen. Incidentally, the situation on Google Play is much the same: there, too, complaints from ordinary users generally <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.kaspersky.com.tr\/blog\/camscanner-malicious-android-app\/6373\/\">go unheeded<\/a>.<\/p>\n<h2>Why are malicious browser extensions especially harmful?<\/h2>\n<p>In short, browser extensions pose three main problems. The first is the level of access they have to user data. 
In fact, to work properly and be useful, an extension usually needs your permission to <strong>read and change all your data on all websites<\/strong>.<\/p>\n<p>You heard that right. As a rule, browser extensions request permission to view and change all your data on all sites. That means they see everything you do on every site you visit and can arbitrarily change the content of any page being displayed.<\/p>\n<p>As a consequence of how they work, this is broadly what the developers of such extensions are able to do:<\/p>\n<ul>\n<li>Track all user activity in order to collect and sell information about users.<\/li>\n<li>Steal card details and account credentials.<\/li>\n<li>Insert ads into web pages.<\/li>\n<li>Replace links in search results (as mentioned above).<\/li>\n<li>Replace the browser\u2019s home page with an advertising link.<\/li>\n<\/ul>\n<p>Keep in mind that an extension\u2019s <a target=\"_blank\" href=\"https:\/\/www.kaspersky.com.tr\/blog\/dangers-of-browser-extensions\/11016\/\" rel=\"noopener\">malicious functionality<\/a> can change over time in line with its developers\u2019 goals. The owners of these extensions can change, too. 
There have been cases where malicious features appeared in a previously safe extension after its developers sold it to someone else.<\/p>\n<p>The second problem is that users generally pay very little attention to the dangers of browser extensions. They install many of them and grant them permission to read and change any data in the browser. But what choice do users have? If they simply refuse, the extension will not work.<\/p>\n<p>In theory, the moderators of the stores that host these extensions should monitor their security. However, and this is the third problem, as the cases described above make clear, they may not succeed at this. Let\u2019s not forget that dozens of malicious extensions were found even in Google\u2019s official Chrome Web Store. What\u2019s more, these extensions can stay there for years despite negative user reviews.<\/p>\n<h2>What should you do if you have installed a malicious extension?<\/h2>\n<p>Keep in mind that banning an extension from a store does not mean it will be automatically removed from the devices of all users who installed it. It is therefore worth checking whether any malicious extensions are installed on your device. 
Delete the extensions listed below right away and, if necessary, download a safe alternative:<\/p>\n<ul>\n<li>Autoskip for Youtube<\/li>\n<li>Soundboost<\/li>\n<li>Crystal Adblock<\/li>\n<li>Brisk VPN<\/li>\n<li>Clipboard Helper<\/li>\n<li>Maxi Refresher<\/li>\n<li>Quick Translation<\/li>\n<li>Easyview Reader view<\/li>\n<li>PDF Toolbox<\/li>\n<li>Epsilon Ad blocker<\/li>\n<li>Craft Cursors<\/li>\n<li>Alfablocker ad blocker<\/li>\n<li>Zoom Plus<\/li>\n<li>Base Image Downloader<\/li>\n<li>Clickish fun cursors<\/li>\n<li>Cursor-A custom cursor<\/li>\n<li>Amazing Dark Mode<\/li>\n<li>Maximum Color Changer for Youtube<\/li>\n<li>Awesome Auto Refresh<\/li>\n<li>Venus Adblock<\/li>\n<li>Adblock Dragon<\/li>\n<li>Readl Reader mode<\/li>\n<li>Volume Frenzy<\/li>\n<li>Image download center<\/li>\n<li>Font Customizer<\/li>\n<li>Easy Undo Closed Tabs<\/li>\n<li>Screence screen recorder<\/li>\n<li>OneCleaner<\/li>\n<li>Repeat button<\/li>\n<li>Leap Video Downloader<\/li>\n<li>Tap Image Downloader<\/li>\n<li>Qspeed Video Speed Controller<\/li>\n<li>HyperVolume<\/li>\n<li>Light picture-in-picture<\/li>\n<\/ul>\n<p>This list was <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/palant.info\/2023\/05\/31\/more-malicious-extensions-in-chrome-web-store\/\">compiled<\/a> by Vladimir Palant himself. However, Palant stresses that the list of malicious extensions may still be incomplete, so be careful with other extensions as well.<\/p>\n<h2>How do you defend yourself against malicious browser extensions?<\/h2>\n<p>This story shows that you should never place unconditional trust in the moderators of the stores where you get your browser extensions. 
It is always wise to take your own precautions. You can protect yourself from malicious extensions by keeping the following in mind:<\/p>\n<ul>\n<li>Do not install too many browser extensions. The fewer extensions, the safer.<\/li>\n<li>Before installing an extension, read its reviews. Of course, this is no one-hundred-percent guarantee of security, but in some cases it will at least help you unmask a malicious extension.<\/li>\n<li>Review your list of installed extensions from time to time and get rid of any you do not use or do not really need.<\/li>\n<li>Install <a href=\"https:\/\/www.kaspersky.com.tr\/premium?icid=tr_bb2023-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kprem___\" target=\"_blank\" rel=\"noopener\">reliable protection<\/a> on all your devices.<\/li>\n<\/ul>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"premium-generic\">\n","protected":false},"excerpt":{"rendered":"<p>Dozens of malicious extensions, with a combined 87 million downloads, 
were discovered in Google\u2019s Chrome Web Store.<\/p>\n","protected":false},"author":2726,"featured_media":11623,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[16,22,1749,537,1750],"class_list":{"0":"post-11622","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-chrome","9":"tag-google","10":"tag-tarayicilar","11":"tag-tehditler","12":"tag-uzantilar"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/dangerous-chrome-extensions-87-million\/11622\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/dangerous-chrome-extensions-87-million\/25861\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/dangerous-chrome-extensions-87-million\/21302\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/dangerous-chrome-extensions-87-million\/10931\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/dangerous-chrome-extensions-87-million\/28561\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/dangerous-chrome-extensions-87-million\/26168\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/dangerous-chrome-extensions-87-million\/26523\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/dangerous-chrome-extensions-87-million\/29008\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/dangerous-chrome-extensions-87-million\/27906\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/dangerous-chrome-extensions-87-million\/35676\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/dangerous-chrome-extensions-87-million\/48562\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/dangerous-chrome-extensions-87-million\/20839\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/dangerous-chrome-extensions-87-million\/21534\/"},{"hreflang":"de
","url":"https:\/\/www.kaspersky.de\/blog\/dangerous-chrome-extensions-87-million\/30351\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/dangerous-chrome-extensions-87-million\/34234\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/dangerous-chrome-extensions-87-million\/26477\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/dangerous-chrome-extensions-87-million\/32170\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/dangerous-chrome-extensions-87-million\/31854\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/chrome\/","name":"Chrome"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11622","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2726"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=11622"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11622\/revisions"}],"predecessor-version":[{"id":11626,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11622\/revisions\/11626"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/11623"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=11622"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=11622"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=11622"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}