{"id":2791,"date":"2016-12-21T03:09:00","date_gmt":"2016-12-21T08:09:00","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=2791"},"modified":"2017-09-21T14:43:26","modified_gmt":"2017-09-21T11:43:26","slug":"cryptxxx-v3-ransomware","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/cryptxxx-v3-ransomware\/2791\/","title":{"rendered":"CryptXXX versiyon 3 i\u00e7in \u00fccretsiz \u00e7\u00f6z\u00fcm arac\u0131"},"content":{"rendered":"<p>Nisan 2016\u2019da gen\u00e7 ve a\u00e7g\u00f6zl\u00fc CryptXXX isimli \u015fifreliyici trojan piyasaya \u00e7\u0131kt\u0131. Pek pop\u00fcler olan Angler ve Neutrino exploit kitleri taraf\u0131ndan da\u011f\u0131t\u0131ld\u0131. Yarat\u0131c\u0131lar\u0131 bu zararl\u0131 program\u0131 da\u011f\u0131tt\u0131ktan sonra b\u00fcy\u00fck ihtimalle arkalar\u0131na yaslan\u0131p zengin olacaklar\u0131n\u0131 d\u00fc\u015f\u00fcnd\u00fcler. Ancak i\u015fler bekledikleri gibi gitmedi.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2016\/12\/06013522\/cryptxxx3-decryptor-featured-1.jpg\" alt=\"\" width=\"1280\" height=\"840\" class=\"alignnone size-full wp-image-2792\"><\/p>\n<p>CryptXXX trojan\u0131 ke\u015ffedildikten birka\u00e7 g\u00fcn <a href=\"https:\/\/www.proofpoint.com\/us\/threat-insight\/post\/cryptxxx-new-ransomware-actors-behind-reveton-dropping-angler\" target=\"_blank\" rel=\"noopener nofollow\">sonra<\/a>, Kasperksy Lab uzmanlar\u0131 \u015fifreleme algoritmas\u0131nda bir hata ke\u015ffetti ve bu hatay\u0131 kullanarak <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/cryptxxx-ransomware\/2047\/\" target=\"_blank\" rel=\"noopener\">\u00e7\u00f6z\u00fcm \u00fcretti<\/a>. \u00dccretsiz arac\u0131m\u0131z olan Rannoh decryptor, CryptXXX taraf\u0131ndan \u015fifrelenmi\u015f dosyalar\u0131 \u00e7\u00f6zmek i\u00e7in kullan\u0131ld\u0131. <\/p>\n<p>Su\u00e7lular rahatlar\u0131n\u0131 bozup ellerindeki yaz\u0131l\u0131m\u0131 daha da g\u00fc\u00e7lendirmek i\u00e7in \u00e7al\u0131\u015fmaya ba\u015flad\u0131lar. Yeni versiyonu da\u011f\u0131tmaya ba\u015flad\u0131lar ancak uzmanlar\u0131m\u0131z\u0131n elinde birka\u00e7 g\u00fcn dayanabilen \u015fifreleyici i\u00e7in <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/cryptxxx-decryption-20\/2058\/\" target=\"_blank\" rel=\"noopener\">ikinci bir \u00e7\u00f6z\u00fcm<\/a> geli\u015ftirildi. Rannoh decryptor g\u00fcncellendi, dosyalar\u0131 \u015fifrelenen kullan\u0131c\u0131lar fidye \u00f6demeden dosyalar\u0131n\u0131 kurtard\u0131lar. <\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"tr\" dir=\"ltr\">G\u00fcncelleme: CryptXXX tekrar \u00e7\u00f6z\u00fcld\u00fc <a href=\"https:\/\/t.co\/BS00Vptz54\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/BS00Vptz54<\/a> <a href=\"https:\/\/t.co\/0RXozIweY4\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/0RXozIweY4<\/a><\/p>\n<p>\u2014 Kaspersky T\u00fcrkiye (@KasperskyTR) <a href=\"https:\/\/twitter.com\/KasperskyTR\/status\/731124942130057217?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">May 13, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Son s\u00fcr\u00fcm\u00fc de engellememizden sonra, su\u00e7lular rahatlar\u0131n\u0131 tekrar bozup \u00fc\u00e7\u00fcnc\u00fc versiyonu geli\u015ftirdiler ve eminiz ki kimsenin \u00e7\u00f6z\u00fcm bulamayaca\u011f\u0131n\u0131 d\u00fc\u015f\u00fcnd\u00fcler. <\/p>\n<p>Nerdeyse ba\u015far\u0131yorlard\u0131. Uzunca bir s\u00fcre CryptXXX v.3 global \u00f6l\u00e7ekte insanlar i\u00e7in tehdit olu\u015fturmaya devam etti, kullan\u0131c\u0131lar\u0131n dosyalar\u0131n\u0131 \u015fifreleyip fidye istemeye devam etti. Ayr\u0131ca son versiyon farkl\u0131 uygulamalardan <a href=\"https:\/\/threatpost.com\/updated-cryptxxx-ransomware-big-money-potential\/118464\/\" target=\"_blank\" rel=\"noopener nofollow\">kimlik \u00e7alma yetisine de sahip<\/a>ti. <\/p>\n<p>Yeni versiyonun da\u011f\u0131t\u0131m\u0131 May\u0131s ay\u0131nda ba\u015flad\u0131 ve uzmanlar\u0131m\u0131z birka\u00e7 y\u00fcz bin kullan\u0131c\u0131n\u0131n bundan etkilenmi\u015f olabilece\u011fini belirtiyor. Sadece Kaspersky Lab \u00fcr\u00fcnleri bile 80,000\u2019den fazla CryptXXX v.3 sald\u0131r\u0131s\u0131n\u0131 engelledi. Yap\u0131lan her d\u00f6rt sald\u0131r\u0131dan biri Amerika\u2019daki kullan\u0131c\u0131lar\u0131 hedef ald\u0131. Rusya, Almanya, Japonya, Hindistan ve Kanada toplamda sald\u0131r\u0131lar\u0131n %28\u2019ini ald\u0131. <\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2016\/12\/06013520\/cryptxxx-demand-message-1-1.png\" alt=\"\" width=\"1251\" height=\"912\" class=\"alignnone size-full wp-image-2794\"><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2016\/12\/06013519\/cryptxxx-demand-message-2-1.png\" alt=\"\" width=\"1251\" height=\"809\" class=\"alignnone size-full wp-image-2795\"><\/p>\n<p>Fidye talep mesajlar\u0131 CryptXXX trojan\u0131n\u0131n versiyonuna g\u00f6re de\u011fi\u015fiyor ancak yukar\u0131daki \u00f6rneklere benziyor. <\/p>\n<p>Ancak hi\u00e7bir \u015fey sonsuza kadar s\u00fcrmez. Bug\u00fcn sizlere ara\u00e7t\u0131rmac\u0131lar\u0131m\u0131z\u0131n CryptXXX v.3\u2019\u00fcn sebep oldu\u011fu .cryp1, .crpyt ve .cryptz uzant\u0131l\u0131 \u015fifrelenmi\u015f dosyalar\u0131 a\u00e7abildi\u011fimizi duyurmaktan mutluluk duyar\u0131z! \u015eifreleri \u00e7\u00f6zmenize yarayacak olan Rannoh Decryptor arac\u0131n\u0131 i<a href=\"https:\/\/support.kaspersky.com\/viruses\/disinfection\/8547?_ga=1.66443181.2016803411.1475150380#block1\" target=\"_blank\" rel=\"noopener\">nternet sitemizde<\/a> ve <a href=\"https:\/\/www.nomoreransom.org\/\" target=\"_blank\" rel=\"noopener nofollow\">NoMoreRansom.org<\/a> internet sitesinde bulabilirsiniz. <\/p>\n<p>E\u011fer size CryptXXX bula\u015ft\u0131ysa \u2013 yukar\u0131da belirtti\u011fimiz internet sitelerinden birini ziyaret edin, gerekli dosyay\u0131 indirin ve dosyalar\u0131n\u0131z\u0131 geri al\u0131n. T\u00fcm ara\u00e7lar\u0131m\u0131z \u00fccretsizdir ve \u015fifreleyici trojanlar\u0131n bir\u00e7o\u011funu \u00e7\u00f6zmeye yarar, b\u00f6ylelikle fidye \u00f6demek zorunda kalmazs\u0131n\u0131z.<\/p>\n<p>Kaspersky Lab ara\u015ft\u0131rmac\u0131m\u0131z Anton Ivanov\u2019un dedi\u011fine g\u00f6re; \u201c<em>Cihaz\u0131na fidye yaz\u0131l\u0131m\u0131 bula\u015fan kullan\u0131c\u0131lara yapt\u0131\u011f\u0131m\u0131z genel \u00f6neri \u015fu; e\u011fer dosyalar\u0131n\u0131z\u0131 kurtarabilecek bir \u00e7\u00f6z\u00fcm program\u0131 mevcut de\u011filse, <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/no-no-ransom\/2582\/\" target=\"_blank\" rel=\"noopener\">l\u00fctfen su\u00e7lulara fidye \u00f6demeyin<\/a>. Zarar g\u00f6rm\u00fc\u015f dosyalar\u0131n\u0131z\u0131 saklay\u0131n ve sab\u0131rl\u0131 olun \u2013 b\u00fcy\u00fck ihtimalle yak\u0131n bir gelecekte dosyalar\u0131n\u0131z\u0131 kurtarabilecek \u015fifre \u00e7\u00f6z\u00fcm anahtar\u0131 \u00fcretece\u011fiz. Bu olaya \u00f6rnek olarak CryptXXX v.3\u2019\u00fc g\u00f6sterebiliriz. D\u00fcnya \u00e7evresinden bir\u00e7ok g\u00fcvenlik uzman\u0131 devaml\u0131 olarak fidye yaz\u0131l\u0131m\u0131 ma\u011fdurlar\u0131na yard\u0131m etmek i\u00e7in \u00e7al\u0131\u015f\u0131yor. Er ya da ge\u00e7 sizin ya\u015fad\u0131\u011f\u0131n\u0131z fidye yaz\u0131l\u0131m\u0131 sorununa \u00e7\u00f6z\u00fcm bulunacakt\u0131r.<\/em>\u201d <\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2016\/12\/06013518\/vpn_banner-2-1.png\" alt=\"\" width=\"1280\" height=\"270\" class=\"alignnone size-full wp-image-2796\"><\/p>\n<p>Di\u011fer \u00f6nerimiz ise yar\u0131n\u0131 d\u00fc\u015f\u00fcnerek bug\u00fcn korunmaya ba\u015flaman\u0131z. Tedbirli olup dosyalar\u0131n\u0131z\u0131n \u015fifrelenmesinin \u00f6n\u00fcnde ge\u00e7mek \u00e7ok daha iyi olacakt\u0131r. Her ihtimale kar\u015f\u0131 \u015fu iki basit ad\u0131m\u0131 uygulaman\u0131z\u0131 \u00f6neririz:<\/p>\n<p>1. Dosyalar\u0131n\u0131z\u0131 d\u00fczenli olarak yedekleyin ve yedekleri harici bir diskte saklay\u0131n.<br>\n2. \u0130yi bir anti vir\u00fcs \u00e7\u00f6z\u00fcm\u00fc kullan\u0131n. Bu arada son ba\u011f\u0131ms\u0131z \u00e7al\u0131\u015fmalar Kaspersky Internet Security\u2019nin <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/effitas-certification\/2528\/\" target=\"_blank\" rel=\"noopener\">fidye yaz\u0131l\u0131mlar\u0131na kar\u015f\u0131 son derece ba\u015far\u0131l\u0131<\/a> oldu\u011funu g\u00f6sterdi.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Nisan 2016\u2019da gen\u00e7 ve a\u00e7g\u00f6zl\u00fc CryptXXX isimli \u015fifreliyici trojan piyasaya \u00e7\u0131kt\u0131. Pek pop\u00fcler olan Angler ve Neutrino exploit kitleri taraf\u0131ndan da\u011f\u0131t\u0131ld\u0131. Yarat\u0131c\u0131lar\u0131 bu zararl\u0131 program\u0131 da\u011f\u0131tt\u0131ktan sonra b\u00fcy\u00fck ihtimalle arkalar\u0131na yaslan\u0131p zengin olacaklar\u0131n\u0131 d\u00fc\u015f\u00fcnd\u00fcler. Ancak i\u015fler bekledikleri gibi gitmedi.<\/p>\n","protected":false},"author":696,"featured_media":2793,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[817,827,591,352,36,447,828,853,553],"class_list":{"0":"post-2791","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-cryptxxx","9":"tag-decryptor","10":"tag-fidye-yazilimi","11":"tag-kaspersky-lab","12":"tag-malware-2","13":"tag-ransomware","14":"tag-sifre-cozucu","15":"tag-ucretsiz-arac","16":"tag-zararli-yazilim-2"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/cryptxxx-v3-ransomware\/2791\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/cryptxxx-v3-ransomware\/5769\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/cryptxxx-v3-ransomware\/10593\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/cryptxxx-v3-ransomware\/8168\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/cryptxxx-v3-ransomware\/8724\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/cryptxxx-v3-ransomware\/9768\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/cryptxxx-v3-ransomware\/9521\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/cryptxxx-v3-ransomware\/13804\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/cryptxxx-v3-ransomware\/13628\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/cryptxxx-v3-ransomware\/6435\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/cryptxxx-v3-ransomware\/6805\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/cryptxxx-v3-ransomware\/5855\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/cryptxxx-v3-ransomware\/9419\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/cryptxxx-v3-ransomware\/13488\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/cryptxxx-v3-ransomware\/13804\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/cryptxxx-v3-ransomware\/13628\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/cryptxxx-v3-ransomware\/13628\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/fidye-yazilimi\/","name":"Fidye Yaz\u0131l\u0131m\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2791","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/696"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=2791"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2791\/revisions"}],"predecessor-version":[{"id":3983,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2791\/revisions\/3983"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/2793"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=2791"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=2791"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=2791"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}