{"id":2632,"date":"2016-11-14T01:47:01","date_gmt":"2016-11-14T06:47:01","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=2632"},"modified":"2017-09-21T14:43:29","modified_gmt":"2017-09-21T11:43:29","slug":"advertising-svpeng","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/advertising-svpeng\/2632\/","title":{"rendered":"Yeni Google Ads Trojan\u0131"},"content":{"rendered":"<p>Zararl\u0131 olabilecek sitelere girmiyorsan bilgisayar\u0131na zararl\u0131 yaz\u0131l\u0131m girmez \u2013 de\u011fil mi? Hay\u0131r, de\u011fil. Maalesef, \u015f\u00fcphelendi\u011fin mailleri a\u00e7masan, hi\u00e7bir porno siteye girmesen ve resmi olmayan hi\u00e7bir kaynaktan uygulama y\u00fcklemesen bile yeteri kadar korunamazs\u0131n.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2016\/11\/06013641\/svpeng-ads-featured-1.jpg\" alt=\"svpeng-ads-featured-1\" width=\"1280\" height=\"840\" class=\"alignnone size-full wp-image-2634\"><\/p>\n<p>Yeni olaylar zararl\u0131 yaz\u0131l\u0131mlar\u0131n herhangi resmi bir sitede de bulunabilece\u011fini g\u00f6sterdi. <a href=\"https:\/\/securelist.com\/blog\/research\/76286\/disassembling-a-mobile-trojan-attack\/\" target=\"_blank\" rel=\"noopener\">378,000 Android kullan\u0131c\u0131s\u0131<\/a>n\u0131n cihazlar\u0131na Google AdSense\u2019den bula\u015fan Svenpeng.q isimli mobil bankac\u0131l\u0131k trojan\u0131 tespit edildi. <\/p>\n<p><a href=\"https:\/\/tr.wikipedia.org\/wiki\/AdSense\" target=\"_blank\" rel=\"noopener nofollow\">Google AdSense<\/a> d\u00fcnyadaki en b\u00fcy\u00fck reklam a\u011f\u0131rd\u0131r. Bir\u00e7ok siber su\u00e7lu bu a\u011fa s\u0131z\u0131p zararl\u0131 yaz\u0131l\u0131mlar\u0131 da\u011f\u0131tman\u0131n hayalini kurar. Ama g\u00f6r\u00fcnen o ki Svpeng.q yaz\u0131l\u0131m\u0131n\u0131n yarat\u0131c\u0131lar\u0131 bunu ba\u015farm\u0131\u015f. <\/p>\n<p>Su\u00e7lular taraf\u0131ndan g\u00f6nderilen reklamda gizlenen bir kod arac\u0131l\u0131\u011f\u0131yla otomatik olarak Svpeng.q kurulum paketi indiriliyor. Google Chrome genellikle potansiyel tehdit i\u00e7eren i\u00e7erikler indirildi\u011finde kullan\u0131c\u0131lar\u0131 uyar\u0131yor, bu sebeple su\u00e7lular \u00f6zel bir fonksiyon kullanarak cihazlar\u0131n Trojan\u0131 sessizce indirmesini sa\u011flad\u0131lar. <\/p>\n<p>Bu script sadece dokunmatik cihazlar\u0131n Chrome taray\u0131c\u0131lar\u0131nda \u00e7al\u0131\u015fmas\u0131 i\u00e7in ayarlanm\u0131\u015ft\u0131. B\u00f6ylelikle su\u00e7lular Android i\u00e7in yazd\u0131klar\u0131 Svpeng.q vir\u00fcs\u00fcn\u00fc sadece tablet ve ak\u0131ll\u0131 telefon sahiplerine bula\u015ft\u0131rmay\u0131 hedeflediler. <\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Disassembling a <a href=\"https:\/\/twitter.com\/hashtag\/mobile?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#mobile<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/banking?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#banking<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/Trojan?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Trojan<\/a> attack \u2013 <a href=\"https:\/\/t.co\/plcDumMXlu\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/plcDumMXlu<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/infosec?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#infosec<\/a> <a href=\"https:\/\/t.co\/BCgAiGSp22\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/BCgAiGSp22<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/795666479471587328?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 7, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Svpeng.q hakk\u0131nda detayl\u0131 bilgiyi Securelist\u2019ten alabilirsiniz. Uzun hikayesinin k\u0131sas\u0131, s\u0131radan bankac\u0131l\u0131k Trojan\u0131ndan ba\u015fka bir \u015fey olmayan bu vir\u00fcs\u00fcn temel arac\u0131; bankac\u0131l\u0131k uygulamas\u0131n\u0131n aray\u00fcz\u00fcn\u00fc taklit ederek kredi kart\u0131 bilgilerini siber su\u00e7lulara g\u00f6ndermek. Su\u00e7lular da bu verilerle kullan\u0131c\u0131lar\u0131n paralar\u0131n\u0131 \u00e7al\u0131yor. <\/p>\n<p>Bulgular\u0131m\u0131z\u0131 Google ile payla\u015ft\u0131k ve geli\u015ftiricile Chrome\u2019da kullan\u0131c\u0131lara g\u00fcvenlik bildirimi sa\u011flayan \u00f6zelli\u011fin g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 onard\u0131lar. <\/p>\n<p>\u015eunu da belirtmekte fayda var, e\u011fer bir \u015fekilde cihaz\u0131n\u0131za Svpeng.q inerse direkt olarak zarar g\u00f6rmezsiniz. Bu zararl\u0131 yaz\u0131l\u0131m\u0131 kurman\u0131z laz\u0131m, bu sebeple bu zararl\u0131 yaz\u0131l\u0131m sizi kand\u0131rmaya \u00e7al\u0131\u015f\u0131yor: \u00d6rne\u011fin bu zararl\u0131 yaz\u0131l\u0131m\u0131n kurulum dosyas\u0131n\u0131n ismi Android_guncelleme_6.apk ya da Instagram.apk olabiliyor. G\u00f6r\u00fcnen o ki bu taktik gayet iyi \u015fekilde i\u015fe yaram\u0131\u015f.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/Malvertising?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Malvertising<\/a> is an ambiguous term referring to malicious online ads, fraudulent &amp; legal alike. Learn more! <a href=\"http:\/\/t.co\/atD0f6ygtJ\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/atD0f6ygtJ<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/507906133533929472?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">September 5, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br>\n<strong><br>\nReklamlara saklanan Trojanlardan kendinizi nas\u0131l koruyabilirsiniz <\/strong><br>\nEn g\u00fcvenilir siteler bile sizi hi\u00e7 beklenmedik risklere sokabilir. Kendinizi korumak i\u00e7in \u015fu maddeleri uygulay\u0131n. <\/p>\n<p>1.Cihaz\u0131n\u0131za nas\u0131l girdi\u011finde emin olmad\u0131\u011f\u0131n\u0131z hi\u00e7bir dosyay\u0131 a\u00e7may\u0131n. \u0130sminin android_guncelleme.apk olmas\u0131 ger\u00e7ekten g\u00fcncelleme oldu\u011fu anlam\u0131na gelmez. Ayarlar, Cihaz Bilgileri men\u00fcs\u00fcnden g\u00fcncelleme olup olmad\u0131\u011f\u0131n\u0131 kontol edebilirsiniz. <\/p>\n<p>2. \u00dc\u00e7\u00fcnc\u00fc parti uygulamalar\u0131n cihaz\u0131n\u0131zda \u00e7al\u0131\u015fmas\u0131na izin vermeyin. Her Android cihazda bu ayar vard\u0131r. Bu \u015fekilde, yanl\u0131\u015fl\u0131kla g\u00fcncelleme gibi g\u00f6z\u00fcken vir\u00fcs\u00fc y\u00fcklemeye \u00e7al\u0131\u015fsan\u0131z bile sistem izin vermez. <\/p>\n<p>3. Ger\u00e7ek g\u00fcncellemeleri m\u00fcmk\u00fcn oldu\u011funda \u00e7abuk yap\u0131n. Ek olarak, cihaz\u0131n\u0131zdaki Google Chrome\u2019u da m\u00fcmk\u00fcn oldu\u011funda g\u00fcncelleyin. K\u0131sa zaman\u0131n\u0131z\u0131 alacak g\u00fcncelleme zaman\u0131n\u0131z\u0131, huzurunuzu hatta paran\u0131z\u0131 koruyabilir. <\/p>\n<p>4. T\u00fcm cihazlar\u0131n\u0131zda anti vir\u00fcs \u00e7\u00f6z\u00fcm\u00fc kullan\u0131n. Bunun gibi durumlarda ger\u00e7ek zamanl\u0131 koruma sa\u011flayan anti vir\u00fcs \u00e7\u00f6z\u00fcmleri kullan\u0131c\u0131y\u0131 koruyabilir \u2013 b\u00f6ylelikle g\u00fcvende kalmak i\u00e7in s\u00fcrekli tarama yapman\u0131z gerekmez. Svpeng pop\u00fcler anti vir\u00fcsleri nas\u0131l \u201cdurduraca\u011f\u0131n\u0131\u201d gayet iyi biliyor, yani normal taramalar i\u015fe yaramaz. Di\u011ferlerinin aksine <a href=\"http:\/\/kas.pr\/kdkisatr\" target=\"_blank\" rel=\"noopener\">Kaspersky Antivirus &amp; Security for Android<\/a> \u00fcr\u00fcn\u00fcm\u00fcz Svpeng vir\u00fcs\u00fcn\u00fc Trojan.Banker.Androidos.Svpeng.Q olarak tan\u0131yor ve an\u0131nda engelliyor. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Zararl\u0131 olabilecek sitelere girmiyorsan bilgisayar\u0131na zararl\u0131 yaz\u0131l\u0131m girmez \u2013 de\u011fil mi? Hay\u0131r, de\u011fil. Maalesef, \u015f\u00fcphelendi\u011fin mailleri a\u00e7masan, hi\u00e7bir porno siteye girmesen ve resmi olmayan hi\u00e7bir kaynaktan uygulama y\u00fcklemesen bile yeteri<\/p>\n","protected":false},"author":696,"featured_media":2633,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[1045,791,897,537],"class_list":{"0":"post-2632","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-bankacilik-trojani","9":"tag-reklam","10":"tag-svpeng","11":"tag-tehditler"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/advertising-svpeng\/2632\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/advertising-svpeng\/5692\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/advertising-svpeng\/3991\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/advertising-svpeng\/7992\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/advertising-svpeng\/7952\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/advertising-svpeng\/7936\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/advertising-svpeng\/9511\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/advertising-svpeng\/9307\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/advertising-svpeng\/13572\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/advertising-svpeng\/13423\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/advertising-svpeng\/6303\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/advertising-svpeng\/5652\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/advertising-svpeng\/9197\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/advertising-svpeng\/13230\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/advertising-svpeng\/13572\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/advertising-svpeng\/13423\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/advertising-svpeng\/13423\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/tehditler\/","name":"tehditler"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2632","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/696"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=2632"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2632\/revisions"}],"predecessor-version":[{"id":3988,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2632\/revisions\/3988"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/2633"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=2632"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=2632"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=2632"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}