{"id":2221,"date":"2016-06-27T03:55:00","date_gmt":"2016-06-27T07:55:00","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=2221"},"modified":"2019-11-15T15:00:08","modified_gmt":"2019-11-15T12:00:08","slug":"ransomware-blocker-to-cryptor","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/ransomware-blocker-to-cryptor\/2221\/","title":{"rendered":"Olaylar ve rakamlarla fidye yaz\u0131l\u0131m\u0131n\u0131n tarihi ve evrimi"},"content":{"rendered":"<p>Fidye yaz\u0131l\u0131mlar\u0131 son d\u00f6nemlerde herkesin g\u00fcndeminde. Yeni bir tehdit \u00e7\u0131kmas\u0131 durumunda unutulacak s\u0131radan bir yaz\u0131l\u0131m m\u0131 bu? Maalesef, di\u011ferlerinden farkl\u0131 olarak: evrensel boyutlarda kontrolden \u00e7\u0131kmak \u00fczere olan bu zararl\u0131 yaz\u0131l\u0131m, yak\u0131n bir zamanda yok olacak bir konu de\u011fil. Sizi korkutmaya \u00e7al\u0131\u015fm\u0131yoruz \u2013 yani evet, asl\u0131nda biraz \u00e7al\u0131\u015f\u0131yoruz ama laf olsun diye de\u011fil.  <a href=\"https:\/\/www.kaspersky.com\/blog\/kaspersky-security-network-explained\/8657\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Kaspersky Security Network<\/a>\u2018\u00fcn toplad\u0131\u011f\u0131 istatistiklere bir g\u00f6z at\u0131n, g\u00f6receksiniz \u2013 ger\u00e7ekten ciddi bir tehdit ile kar\u015f\u0131 kar\u015f\u0131yay\u0131z. <\/p>\n<p><strong>\u0130lk dalga: engelleyiciler <\/strong><br>\nFidye yaz\u0131l\u0131mlar\u0131n\u0131n tarihi iki par\u00e7aya ayr\u0131labilir: \u015fifreleme \u00f6ncesi ve sonras\u0131. Engelleyiciler modern dosya \u015fifreleyicilerin atalar\u0131 konumundad\u0131r. Bu zararl\u0131 yaz\u0131l\u0131m, kullan\u0131c\u0131n\u0131n fidye \u00f6deyene kadar i\u015fletim sistemine ya da taray\u0131c\u0131s\u0131na eri\u015fimini engeller. \u00d6deme i\u015flemi genellikle k\u0131sa koda g\u00f6nderilen SMS ile ya da e-c\u00fczdana para transferi yapman\u0131z\u0131 istiyorlard\u0131.<\/p>\n<p> Bu zararl\u0131 yaz\u0131l\u0131m olduk\u00e7a karl\u0131yd\u0131 \u2013 ve siber su\u00e7lular bunu s\u0131kl\u0131kla kullan\u0131yordu. Do\u011fal olarak, g\u00fcvenlik uzmanlar\u0131 ve kolluk kuvvetleri problemi \u00e7abuk\u00e7a \u00e7\u00f6zd\u00fc. <\/p>\n<p>Siber su\u00e7lular\u0131n bu ekmek kap\u0131s\u0131n\u0131n \u00f6deme k\u0131sm\u0131na \u00e7ok keskin bir \u00e7\u00f6z\u00fcm buldular. Elektronik \u00f6deme d\u00fczenleyici kurallar\u0131n\u0131n de\u011fi\u015fmesiyle beraber, bu siber su\u00e7 bir anda daha az kazan\u00e7l\u0131 ve daha \u00e7ok riskli olmaya ba\u015flad\u0131. Ka\u00e7\u0131n\u0131lmaz olarak da bir\u00e7ok su\u00e7lu yakaland\u0131. <\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/Tip?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Tip<\/a> of the week: Fighting screen lockers with <a href=\"https:\/\/twitter.com\/kaspersky?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@kaspersky<\/a> products <a href=\"https:\/\/t.co\/SAS4x4ve9o\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/SAS4x4ve9o<\/a> <a href=\"https:\/\/t.co\/11SGH4e8nR\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/11SGH4e8nR<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/738735944132636673?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">June 3, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br>\n<strong>\u0130kinci dalga: dosya \u015fifreleyiciler<\/strong><br>\nBirka\u00e7 y\u0131l \u00f6nce, her \u015fey de\u011fi\u015fti. Bitcoin\u2019in kullan\u0131m\u0131 d\u00fcnya \u00e7evresinde artt\u0131k\u00e7a pop\u00fclaritesi de siber su\u00e7lular aras\u0131nda artt\u0131. \u0130sminden de anla\u015f\u0131laca\u011f\u0131 gibi, cryptocurrency birimi ayn\u0131 zamanda dijital varl\u0131kt\u0131r. Takip edilmesi ya da d\u00fczenlenmesi imkans\u0131z bir \u00f6deme sistemidir. Haliyle siber su\u00e7lular bunu tercih ediyorlar. Buna ek olarak yeni bir g\u00f6r\u00fc\u015f benimsediler: kullan\u0131c\u0131n\u0131n taray\u0131c\u0131ya ya da i\u015fletim sistemine eri\u015fimi \u015fifrelemek yerine, sabit diskteki dosyalar\u0131 \u015fifrelemeye ba\u015flad\u0131lar. <\/p>\n<p>Neden \u015fifreleme bu denli etkili? Ki\u015fisel dosyalar e\u015fsizdir, yani bir kullan\u0131c\u0131 dosyas\u0131n\u0131 format atarak kurtaramazs\u0131n\u0131z. E\u011fer \u015fifreleyen sistem g\u00fc\u00e7l\u00fcyse, kullan\u0131c\u0131lar dosyalar\u0131n\u0131 geri alamazlar ve \u015fifrelerini kendileri \u00e7\u00f6zemezler. Bu sebeple de siber su\u00e7lular\u0131n bireysel kullan\u0131c\u0131lardan y\u00fczlerce, \u015firketlerden ve kurulu\u015flardan binlerce dolar talep edebiliyor.<\/p>\n<p>Bir s\u00fcre i\u00e7in, ilk nesil dosya \u015fifreleyiciler, engelleyiciler kadar yayg\u0131n de\u011fildi. Bu y\u00fczden siber su\u00e7lular\u0131n yeni zararl\u0131 yaz\u0131l\u0131ma ge\u00e7meleri uzun s\u00fcrmedi. 2015\u2019in sonunda fidye yaz\u0131l\u0131m\u0131 sald\u0131r\u0131lar\u0131 \u00e7\u0131\u011f gibi b\u00fcy\u00fcd\u00fc.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2016\/06\/06014122\/01.png\" alt=\"01\" width=\"2199\" height=\"969\" class=\"alignnone size-full wp-image-2223\"><\/p>\n<p>Kaspersky Security Network verilerine g\u00f6re yapt\u0131\u011f\u0131m\u0131z analizlerde, bir y\u0131lda yap\u0131lan sald\u0131r\u0131lar<strong> be\u015f kattan daha fazla <\/strong>artm\u0131\u015f durumda: 2014 \u2013 2015 aras\u0131nda etkilenen kullan\u0131c\u0131 say\u0131s\u0131 131,111\u2019ken, 2015-2016 aras\u0131nda bu rakam 718,536 oldu.<\/p>\n<p><strong>D\u00fcnya genelinde sald\u0131r\u0131lar ve fidye yaz\u0131l\u0131mlar\u0131n\u0131n t\u00fcrleri<\/strong><br>\nFidye yaz\u0131l\u0131mlar\u0131ndan en etkilenen 10 \u00fclke Hindistan, Rusya, Kazakistan, \u0130talya, Almanya, Vietnam, Cezayir, Brazilya, Ukrayna ve Amerika Birle\u015fik Devletleri. Fakat Hindistan, Cezayir, Rusya, Vietnam, Kazakistan, Ukrayna ve Brezilya daha \u00e7ok engelleyicinin basit bir versiyonu ile y\u00fczle\u015fiyor. Amerika bu kadar \u015fansl\u0131 de\u011fil, fidye yaz\u0131l\u0131mlar\u0131nda zarar g\u00f6rm\u00fc\u015flerin %40\u2019\u0131 tehlikeli dosya \u015fifreleme taraf\u0131ndan etkilenmi\u015f. \u0130talya ve Almanya\u2019da durup daha k\u00f6t\u00fc: bu \u00fclkelerde \u2018fidye yaz\u0131l\u0131m\u0131\u2019 ile \u2018dosya engelleme\u2019 ayn\u0131 anlama geliyor.<\/p>\n<p>2015 \u2013 2016 aras\u0131nda, en aktif Trojanlar: <a href=\"https:\/\/www.kaspersky.com\/blog\/teslacrypt-strikes-again\/10860\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">TeslaCrypt<\/a> (Neredeyse sald\u0131r\u0131lar\u0131n yar\u0131s\u0131, fakat bizim bunun i\u00e7in <a href=\"https:\/\/support.kaspersky.com\/viruses\/disinfection\/10556?_ga=1.213978197.312917906.1457175256\" target=\"_blank\" rel=\"noopener noreferrer\">\u00e7\u00f6z\u00fcc\u00fcm\u00fcz<\/a> var), <a href=\"https:\/\/www.kaspersky.com\/blog\/ctb-locker-strikes-web-servers\/11593\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">CTB-Locker<\/a>, Scatter ve <a href=\"https:\/\/securelist.com\/analysis\/kaspersky-security-bulletin\/73038\/kaspersky-security-bulletin-2015-overall-statistics-for-2015\/\" target=\"_blank\" rel=\"noopener noreferrer\">Cryakl<\/a> (Ayn\u0131 zamanda bunu da <a href=\"https:\/\/noransom.kaspersky.com\/?_ga=1.183788900.312917906.1457175256\" target=\"_blank\" rel=\"noopener noreferrer\">\u00e7\u00f6zebiliyoruz<\/a>). B\u00fct\u00fcn sald\u0131r\u0131lar\u0131n %80\u2019i bu d\u00f6rt t\u00fcr taraf\u0131ndan yap\u0131ld\u0131.<br>\n<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2016\/06\/06014120\/04-1.png\" alt=\"04-1\" width=\"1028\" height=\"815\" class=\"alignnone size-full wp-image-2224\"><\/p>\n<p>\u015eunu da belirtelim: Ba\u015flang\u0131\u00e7ta, fidye vir\u00fcsleri \u00e7o\u011funlukla ev kullan\u0131c\u0131lar\u0131n\u0131 hedef al\u0131yordu. \u201dDosya \u015fifreleme\u201dye geli\u015ftirildi\u011finde, \u015firketler de hedef al\u0131nmaya ba\u015fland\u0131: <strong>Yani fidye yaz\u0131l\u0131m arac\u0131l\u0131\u011f\u0131yla sald\u0131r\u0131ya u\u011frayan kullan\u0131c\u0131lar\u0131n say\u0131s\u0131 2014-2015\u2019te oldu\u011funun 2015-2016\u2019da iki kat\u0131ndan fazlas\u0131na (%6.8\u2019den %13.3\u2019e) \u00e7\u0131kt\u0131.<\/strong><br>\n<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2016\/06\/06014119\/07.png\" alt=\"07\" width=\"1602\" height=\"687\" class=\"alignnone size-full wp-image-2225\"><\/p>\n<p>Fidye yaz\u0131l\u0131mlar\u0131n\u0131n 2014\u2019ten 2016\u2019ya evrimini securelist.com\u2019da daha detayl\u0131 okumak i\u00e7in <a href=\"https:\/\/securelist.com\/analysis\/publications\/75145\/pc-ransomware-in-2014-2016\/\" target=\"_blank\" rel=\"noopener noreferrer\">t\u0131klay\u0131n<\/a>.<\/p>\n<p><strong>Nas\u0131l korunabilirim?<\/strong><br>\n1. D\u00fczenli yedekler al\u0131n.<\/p>\n<p>2. G\u00fcvenilir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc kullan\u0131n. Mesela <a href=\"https:\/\/kas.pr\/kdkistr\" target=\"_blank\" rel=\"noopener noreferrer\">Kaspersky Internet Security<\/a> ki bizim en \u00f6nemli <a href=\"https:\/\/kas.pr\/kdktstr\" target=\"_blank\" rel=\"noopener noreferrer\">\u00fcr\u00fcnlerimizden<\/a> biridir, bilinen b\u00fct\u00fcn fidye yaz\u0131l\u0131m t\u00fcrlerini ke\u015ffediyor ve engelliyor. Ayn\u0131 zamanda \u00fcr\u00fcnde bulunan g\u00f6m\u00fcl\u00fc <a href=\"https:\/\/www.kaspersky.com\/blog\/ransomware-protection-video\/8765\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">mod\u00fcl<\/a> sayesinde en yeni ve hen\u00fcz ke\u015ffedilmemi\u015f dosya \u015fifrelemelerden de koruyor. <\/p>\n<p>3. Yaz\u0131l\u0131m\u0131n\u0131z\u0131 d\u00fczenli olarak g\u00fcncelleyin: G\u00fcncellemeler yaz\u0131l\u0131m\u0131n zay\u0131fl\u0131klar\u0131n\u0131 g\u00fc\u00e7lendirir. Daha az hata demek, bilgisayar\u0131n\u0131z\u0131n korumas\u0131n\u0131n artmas\u0131 demektir. <\/p>\n<p>4. Kaspersky Daily ve <a href=\"https:\/\/threatpost.com\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">threatpost.com<\/a>\u2018daki siber g\u00fcvenlik haberlerini takip edin \u2013 g\u00fcncel olaylar\u0131 ka\u00e7\u0131rmay\u0131n. \u00c7evrenizdekilere \u00f6\u011frendi\u011finiz tehditler ve korunma yollar\u0131n\u0131 anlatmay\u0131 unutmay\u0131n.<\/p>\n<p>5. E\u011fer fidye yaz\u0131l\u0131m\u0131ndan zarar g\u00f6rd\u00fcyseniz, a\u00e7t\u0131rma y\u00f6ntemlerini denemeden para \u00f6demeyin. E\u011fer bir engelleyici ile kar\u015f\u0131 kar\u015f\u0131yaysan\u0131z, \u00fccretsiz <a href=\"https:\/\/www.kaspersky.com\/blog\/kaspersky-windowsunlocker-2\/12275\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">WindowsUnlocker<\/a> arac\u0131m\u0131z\u0131 deneyin. E\u011fer fidye yaz\u0131l\u0131m\u0131 ile kar\u015f\u0131 kar\u015f\u0131yaysan\u0131z <a href=\"https:\/\/noransom.kaspersky.com\/?_ga=1.213559510.312917906.1457175256\" target=\"_blank\" rel=\"noopener noreferrer\">\u015furay\u0131<\/a> ziyaret ederek \u00e7\u00f6z\u00fcm\u00fc olup olmad\u0131\u011f\u0131n\u0131 kontrol edin. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Fidye yaz\u0131l\u0131mlar\u0131 son d\u00f6nemlerde herkesin g\u00fcndeminde. Yeni bir tehdit \u00e7\u0131kmas\u0131 durumunda unutulacak s\u0131radan bir yaz\u0131l\u0131m m\u0131 bu? Maalesef, di\u011ferlerinden farkl\u0131 olarak: evrensel boyutlarda kontrolden \u00e7\u0131kmak \u00fczere olan bu zararl\u0131 yaz\u0131l\u0131m,<\/p>\n","protected":false},"author":421,"featured_media":2222,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[886,885,888,591,887,537,889,553],"class_list":{"0":"post-2221","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-dosya-sifreleme","9":"tag-engelleyiciler","10":"tag-fidye","11":"tag-fidye-yazilimi","12":"tag-kaspersky-windows-unlocker","13":"tag-tehditler","14":"tag-trojanlar","15":"tag-zararli-yazilim-2"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/ransomware-blocker-to-cryptor\/2221\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/ransomware-blocker-to-cryptor\/5504\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/ransomware-blocker-to-cryptor\/7327\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/ransomware-blocker-to-cryptor\/7353\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/ransomware-blocker-to-cryptor\/7295\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/ransomware-blocker-to-cryptor\/8526\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/ransomware-blocker-to-cryptor\/8444\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/ransomware-blocker-to-cryptor\/12301\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/ransomware-blocker-to-cryptor\/12435\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/ransomware-blocker-to-cryptor\/5777\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/ransomware-blocker-to-cryptor\/6438\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/ransomware-blocker-to-cryptor\/8031\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/ransomware-blocker-to-cryptor\/11817\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/ransomware-blocker-to-cryptor\/12301\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/ransomware-blocker-to-cryptor\/12435\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/ransomware-blocker-to-cryptor\/12435\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/dosya-sifreleme\/","name":"dosya \u015fifreleme"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2221","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/421"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=2221"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2221\/revisions"}],"predecessor-version":[{"id":7180,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2221\/revisions\/7180"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/2222"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=2221"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=2221"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=2221"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}