{"id":3100,"date":"2017-04-14T02:51:47","date_gmt":"2017-04-14T06:51:47","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=3100"},"modified":"2019-11-15T14:52:02","modified_gmt":"2019-11-15T11:52:02","slug":"pegasus-spyware","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/pegasus-spyware\/3100\/","title":{"rendered":"Pegasus: iOS ve Android’teki nihai casusluk yaz\u0131l\u0131m\u0131"},"content":{"rendered":"

iPhone ve iPad kullan\u0131c\u0131lar\u0131 genellikle g\u00fcvende olduklar\u0131n\u0131 d\u00fc\u015f\u00fcn\u00fcrler. iOS i\u00e7in zararl\u0131 yaz\u0131l\u0131m olmad\u0131\u011f\u0131n\u0131 d\u00fc\u015f\u00fcn\u00fcrler. Apple\u2019\u0131n anti vir\u00fcs \u00e7\u00f6z\u00fcmlerine izin vermeyen marketi de kullan\u0131c\u0131lar\u0131n bu g\u00f6r\u00fc\u015flerini s\u00fcrd\u00fcrmesinin en b\u00fcy\u00fck sebeplerinden biri.<\/p>\n

Buradaki anahtar kelime \u201ciddia etmek\u201d. Asl\u0131nda iOS\u2019u hedef alan zararl\u0131 yaz\u0131l\u0131m mevcut \u2013 birka\u00e7 \u00f6rne\u011fi de var. 2016 A\u011fustos\u2019unda ara\u015ft\u0131rmac\u0131lar istenilen iPhone ve iPad cihazlar\u0131 hackleyip, kurban hakk\u0131nda verileri toparlayabildikleri, casus yaz\u0131l\u0131m Pegasus\u2019un varl\u0131\u011f\u0131n\u0131n ba\u015flang\u0131c\u0131ndan haber verdiler<\/a>. Bu ke\u015fif t\u00fcm siber d\u00fcnyay\u0131 huzursuz etti.<\/p>\n

D\u00fczenledi\u011fimiz Security Analyst Summit<\/a>\u2018te, Lookout\u2019tan ara\u015ft\u0131rmac\u0131lar Pegasus\u2019un sadece iOS i\u00e7in de\u011fil, Android i\u00e7in de tehdit oldu\u011funu belirttiler<\/a>. Android versiyonu, iOS versiyonuna g\u00f6re baz\u0131 farkl\u0131l\u0131klar g\u00f6steriyor. \u015eimdi Pegasus\u2019a d\u00f6nelim ve niye \u201cnihai\u201d dedi\u011fimizi a\u00e7\u0131klayal\u0131m.<\/p>\n

Pegasus: Ba\u015flang\u0131\u00e7<\/h2>\n

Pegasus, Birle\u015fik Arap Emirlikleri insan haklar\u0131 aktivisti Ahmed Mansoor<\/a> taraf\u0131ndan ke\u015ffedildi. Bu hedefli bir oltalama sald\u0131r\u0131s\u0131yd\u0131: \u0130\u00e7erisinde zararl\u0131 link oldu\u011funu d\u00fc\u015f\u00fcnd\u00fc\u011f\u00fc SMS mesajlar\u0131 alan Ahmed, bunlar\u0131 Citizen Lab\u2019a iletti. Bu kurulu\u015f da ara\u015ft\u0131rmas\u0131 i\u00e7in ba\u015fka bir g\u00fcvenlik firmas\u0131 olan Lookout\u2019a g\u00f6nderdi.<\/p>\n

Mansoor yan\u0131lmad\u0131. E\u011fer linke t\u0131klam\u0131\u015f olsayd\u0131, iPhonu\u2019na jailbreak i\u015flemi yap\u0131lmam\u0131\u015f iOS\u2019lar i\u00e7in yaz\u0131lm\u0131\u015f zararl\u0131 yaz\u0131l\u0131m bula\u015facakt\u0131. Lookout ara\u015ft\u0131rmac\u0131lar\u0131 \u015fimdiye kadar g\u00f6rd\u00fckleri en karma\u015f\u0131k u\u00e7 nokta zararl\u0131 yaz\u0131l\u0131m\u0131 oldu\u011funu belirtti ve bu yaz\u0131l\u0131ma Pegasus ad\u0131n\u0131 verdiler.<\/p>\n

Pegasus\u2019un alt\u0131ndan \u0130srailli zararl\u0131 yaz\u0131l\u0131m geli\u015ftiricisi NSO Group \u00e7\u0131kt\u0131. Bunun anlam\u0131 \u015fu, Pegasus en fazla teklifi verene sat\u0131lan ticari bir yaz\u0131l\u0131m. Pegasus\u2019un \u00e7al\u0131\u015fma mant\u0131\u011f\u0131 daha \u00f6nceden bilinmeyen (Zero day) g\u00fc\u00e7l\u00fc bir a\u00e7\u0131\u011fa dayan\u0131yor. Bu a\u00e7\u0131k iOS cihaza sessizce jailbreak i\u015flemi yaparak casusluk yaz\u0131l\u0131m\u0131 y\u00fckl\u00fcyor. Ba\u015fka bir siber g\u00fcvenlik firmas\u0131 olan Zerodium bir defas\u0131nda iOS\u2019un zero-day a\u00e7\u0131\u011f\u0131 i\u00e7in 1 milyon dolar para teklif etmi\u015fti, yani Pegasus\u2019un epey maliyetli oldu\u011funu s\u00f6yleyebiliriz.<\/p>\n

\n

An emergency #iOS<\/a> update patches #0day<\/a> used by government spyware https:\/\/t.co\/VyDbMcHRGL<\/a> pic.twitter.com\/6U8nX0baXY<\/a><\/p>\n

\u2014 Kaspersky (@kaspersky) August 26, 2016<\/a><\/p><\/blockquote>\n