{"id":4725,"date":"2018-02-13T11:48:13","date_gmt":"2018-02-13T08:48:13","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=4725"},"modified":"2019-11-15T14:43:40","modified_gmt":"2019-11-15T11:43:40","slug":"cryakl-decrypted-for-good","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/cryakl-decrypted-for-good\/4725\/","title":{"rendered":"Yeni \u015fifre \u00e7\u00f6z\u00fcc\u00fc, Cryakl\/Fantomas kurbanlar\u0131n\u0131 kurtard\u0131"},"content":{"rendered":"<p>Fidye yaz\u0131l\u0131m\u0131 kurbanlar\u0131na yard\u0131m eden No More Ransom projesinden iyi haberler var: Kaspersky Lab ile i\u015fbirli\u011fi yapan Bel\u00e7ika polisi, Fantomas olarak da bilinen Cryakl adl\u0131 fidye yaz\u0131l\u0131m\u0131n\u0131n yeni s\u00fcr\u00fcmleriyle \u015fifrelenmi\u015f dosyalar\u0131 kurtarmak i\u00e7in gereken anahtarlar\u0131 elde etmeyi ba\u015fard\u0131. G\u00fcncellenmi\u015f \u015fifre \u00e7\u00f6z\u00fcc\u00fc arac\u0131, <a href=\"https:\/\/www.nomoreransom.org\/en\/index.html\" target=\"_blank\" rel=\"noopener nofollow\">projenin web sitesi<\/a>nde mevcut.<\/p>\n<h2>Cryakl nedir?<\/h2>\n<p>Trojan fidye yaz\u0131l\u0131m\u0131 Cryakl (Trojan-Ransom.Win32.Cryakl) son zamanlarda \u00f6n plana \u00e7\u0131km\u0131\u015f durumda. Ba\u015flarda bu yaz\u0131l\u0131m, s\u00f6zde bir kabahatla ilgili i\u015flem yapan bir tahkim mahkemesinden geliyor gibi g\u00f6r\u00fcnen e-postalar\u0131n i\u00e7ine eklenmi\u015f ar\u015fivler arac\u0131l\u0131\u011f\u0131yla da\u011f\u0131t\u0131l\u0131yordu. Bu mesajlar insanlar\u0131 endi\u015felendirdi\u011fi i\u00e7in, daha tecr\u00fcbeli kimselerde bile bu ekleri a\u00e7ma iste\u011fi do\u011fabiliyor. Daha sonra, bu e-postalar farkl\u0131 \u015fekiller almaya ba\u015flad\u0131. Art\u0131k, mesela yerel bir ev sahipleri derne\u011finden g\u00f6nderilmi\u015f gibi g\u00f6z\u00fckebiliyorlar.<\/p>\n<p>Kurban\u0131n bilgisayar\u0131ndaki dosyalar\u0131 \u015fifrelerken, Cryakl su\u00e7 merkezine g\u00f6nderdi\u011fi uzun bir anahtar yarat\u0131yor. Bu anahtar olmadan k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n etkiledi\u011fi dosyalar\u0131 kurtarmak imkans\u0131z. Sonras\u0131nda, Cryakl masa\u00fcst\u00fc duvar ka\u011f\u0131d\u0131n\u0131, yaz\u0131l\u0131m\u0131 geli\u015ftirenlerin ileti\u015fim bilgileriyle ve bir fidye iste\u011fiyle de\u011fi\u015ftiriyor. Cryakl ayn\u0131 zamanda 1964\u2019\u00fcn Frans\u0131z film k\u00f6t\u00fc karakteri Fantomas\u2019\u0131n maskesinin g\u00f6r\u00fcnt\u00fcs\u00fcn\u00fc ekrana yans\u0131t\u0131yor. Yaz\u0131l\u0131m\u0131n di\u011fer ad\u0131 da buradan geliyor. Cryakl \u00e7o\u011funlukla Rusya\u2019daki kullan\u0131c\u0131lar\u0131 etkiledi. Bu y\u00fczden hakk\u0131nda edinilen bilgilerin \u00e7o\u011fu Rus\u00e7a.<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"9Oz4dMQpJi\"><p><a href=\"https:\/\/www.kaspersky.com.tr\/blog\/ransomware-blocker-to-cryptor\/2221\/\" target=\"_blank\" rel=\"noopener\">Olaylar ve rakamlarla fidye yaz\u0131l\u0131m\u0131n\u0131n tarihi ve evrimi<\/a><\/p><\/blockquote>\n<p><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"\u201cOlaylar ve rakamlarla fidye yaz\u0131l\u0131m\u0131n\u0131n tarihi ve evrimi\u201d \u2014 Daily - Turkish - Turkey - www.kaspersky.com.tr\/blog\" src=\"https:\/\/www.kaspersky.com.tr\/blog\/ransomware-blocker-to-cryptor\/2221\/embed\/#?secret=D05cPB9SQa#?secret=9Oz4dMQpJi\" data-secret=\"9Oz4dMQpJi\" width=\"500\" height=\"282\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<h2>Ba\u015far\u0131 hikayesi<\/h2>\n<p>\u00d6nceden de belirtti\u011fimiz gibi, uzmanlar\u0131m\u0131z\u0131n ve Bel\u00e7ika polisinin ortakla\u015fa y\u00fcr\u00fctt\u00fc\u011f\u00fc \u00e7abalar sonucunda ana anahtarlar ele ge\u00e7irildi. Konu hakk\u0131nda inceleme, bilgisayar su\u00e7lar\u0131 ekibinin Bel\u00e7ika\u2019daki fidye yaz\u0131l\u0131m\u0131 kurbanlar\u0131n\u0131 fark etmesiyle ba\u015flad\u0131. Bu ekip sonras\u0131nda kom\u015fu bir \u00fclkede bir su\u00e7 merkezi ke\u015ffetti. Bel\u00e7ika federal savc\u0131s\u0131n\u0131n y\u00f6netti\u011fi operasyon, etkilenmi\u015f makinelerden ana anahtarlar\u0131 alan su\u00e7 merkezi sunucular\u0131n\u0131 etkisiz hale getirdi. Sonras\u0131nda daha \u00f6nce de yapm\u0131\u015f oldu\u011fu gibi, Kaspersky Lab emniyet te\u015fkilatlar\u0131na yard\u0131m etmek i\u00e7in i\u015fe koyundu. Sonu\u00e7lar her zamanki gibi \u00e7ok iyiydi: Uzmanlar\u0131m\u0131z ortaya \u00e7\u0131kar\u0131lan verileri incelediler ve \u015fifre \u00e7\u00f6z\u00fcc\u00fc anahtarlar\u0131 ay\u0131klad\u0131lar.<\/p>\n<p>Bu anahtarlar \u00e7oktan No More Ransom sitesindeki RakhniDecryptor arac\u0131na eklendi ve Bel\u00e7ika federal polisi de projenin resmi orta\u011f\u0131 oldu. 2016 Temmuz\u2019undan beri \u00e7al\u0131\u015fan No More Ransom, bug\u00fcne kadar fidye yaz\u0131l\u0131mlar\u0131n\u0131n dosyalar\u0131n\u0131 kullan\u0131lamaz hale getirdi\u011fi on binlerce insanlara kar\u015f\u0131l\u0131ks\u0131z yard\u0131m etti ve siber \u015fantajc\u0131lar\u0131n\u0131n en az 10 milyon avro kazanmas\u0131n\u0131 engelledi.<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"qSs8JwtgmJ\"><p><a href=\"https:\/\/www.kaspersky.com.tr\/blog\/no-more-ransom-first-anniversary\/3608\/\" target=\"_blank\" rel=\"noopener\">No More Ranson: Epey verimli bir y\u0131l<\/a><\/p><\/blockquote>\n<p><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"\u201cNo More Ranson: Epey verimli bir y\u0131l\u201d \u2014 Daily - Turkish - Turkey - www.kaspersky.com.tr\/blog\" src=\"https:\/\/www.kaspersky.com.tr\/blog\/no-more-ransom-first-anniversary\/3608\/embed\/#?secret=y046hXFX9D#?secret=qSs8JwtgmJ\" data-secret=\"qSs8JwtgmJ\" width=\"500\" height=\"282\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<h2>Cryakl fidye yaz\u0131l\u0131m\u0131yla \u015fifrelenmi\u015f dosyalar nas\u0131l kurtar\u0131l\u0131r<\/h2>\n<p>No More Ransom sitesi, Cryakl\u2019\u0131n etkiledi\u011fi dosyalar\u0131n \u015fifrelerini \u00e7\u00f6zmek i\u00e7in iki ara\u00e7 sa\u011fl\u0131yor. \u0130lkinin ad\u0131 RammohDecryptor. Bu yaz\u0131l\u0131m 2016\u2019da yay\u0131nland\u0131 ve Cryakl\u2019\u0131n eski s\u00fcr\u00fcmlerinde \u00e7al\u0131\u015f\u0131yor. Bu program\u0131 <a href=\"https:\/\/www.nomoreransom.org\/en\/decryption-tools.html#Cryakl\" target=\"_blank\" rel=\"noopener nofollow\">NoMoreRansom.org<\/a> adresinden indirebilir, \u015fifre \u00e7\u00f6zme i\u015flemi i\u00e7in yap\u0131lacaklar\u0131 <a href=\"https:\/\/support.kaspersky.com\/viruses\/disinfection\/8547?_ga=2.32780414.1139843794.1518419233-1508076597.1475216580#block1\" target=\"_blank\" rel=\"noopener\">buradan<\/a> \u00f6\u011frenebilirsiniz.<\/p>\n<p>\u0130kinci ara\u00e7 olan RakhniDecryptor\u2019u, Bel\u00e7ika polisinin ele ge\u00e7irdi\u011fi sunuculardan ald\u0131\u011f\u0131m\u0131z ana anahtarlar\u0131 ekleyerek yak\u0131n bir zamanda g\u00fcncelledik. Bunu da ayn\u0131 siteden indirebilirsiniz. Yapman\u0131z gerekenler \u015furada belirtiliyor. Cryakl\u2019\u0131n yeni s\u00fcr\u00fcmlerinin etkiledi\u011fi dosyalar\u0131n \u015fifrelerini \u00e7\u00f6zmek i\u00e7in RakhniDecryptor\u2019u kullanman\u0131z gerekiyor. Bu ara\u00e7lardan herhangi biri Cryakl\u2019\u0131n etkiledi\u011fi dosyalar\u0131 tamamiyle eski hallerine getirecektir.<\/p>\n<h2>\u0130leride nas\u0131l korunabiliriz<\/h2>\n<p>Kripto fidye yaz\u0131l\u0131mlar\u0131 s\u00f6z konusu oldu\u011funda, \u00f6nlem almak etkilenmi\u015f dosyalar\u0131 kurtarmaktan daha ucuz ve daha basit. Ba\u015fka bir deyi\u015fle, kendinizi \u015fimdiden g\u00fcvenceye almak ve sonras\u0131nda rahat uyumak dosyalar\u0131n \u015fifrelerini \u00e7\u00f6zmekle u\u011fra\u015fmaktan \u00e7ok daha iyi bir se\u00e7enek. Dosyalar\u0131n\u0131z\u0131 \u00f6nceden koruyabilmek i\u00e7in bir iki tavsiye vermek isteriz:<\/p>\n<ol>\n<li>Mutlaka en \u00f6nemli dosyalar\u0131n\u0131z\u0131n kopyalar\u0131n\u0131 ba\u015fka bir yerde bulundurun. Bu yer bulut, ba\u015fka bir s\u00fcr\u00fcc\u00fc, bir bellek ya da ba\u015fka bir bilgisayar olabilir. Yedekleme se\u00e7enekleri hakk\u0131nda daha fazla bilgi i\u00e7in <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/how-to-backup\/4212\/\" target=\"_blank\" rel=\"noopener\">buraya<\/a> bakabilirsiniz.<\/li>\n<li>G\u00fcvenli bir antivir\u00fcs yaz\u0131l\u0131m\u0131 kullan\u0131n. <a href=\"http:\/\/kas.pr\/kdktstr\" target=\"_blank\" rel=\"noopener\">Kaspersky Total Security<\/a> gibi baz\u0131 g\u00fcvenlik \u00e7\u00f6z\u00fcmleri bir yandan da dosya yedekleme konusunda yard\u0131mc\u0131 olabilirler.<\/li>\n<li>G\u00fcvenilir olmayan kaynaklardan program indirmeyin. Bu programlar\u0131n y\u00fckleyicileri bilgisayar\u0131n\u0131zda istemeyece\u011finiz \u015feyler bar\u0131nd\u0131r\u0131yor olabilir.<\/li>\n<li>\u00d6nemli ya da g\u00fcvenilir g\u00f6z\u00fckse bile, bilinmeyen g\u00f6ndericilerden gelen e-postalardaki ekleri a\u00e7may\u0131n. \u015e\u00fcpheye d\u00fc\u015ferseniz, resmi websitesinde kurulu\u015fun telefon numaras\u0131n\u0131 bulun ve kontrol etmek i\u00e7in bu numaray\u0131 aray\u0131n.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Fidye yaz\u0131l\u0131m\u0131 kurbanlar\u0131na yard\u0131m eden No More Ransom projesinden iyi haberler var: Kaspersky Lab ile i\u015fbirli\u011fi yapan Bel\u00e7ika polisi, Fantomas olarak da bilinen Cryakl adl\u0131 fidye yaz\u0131l\u0131m\u0131n\u0131n yeni s\u00fcr\u00fcmleriyle \u015fifrelenmi\u015f dosyalar\u0131 kurtarmak i\u00e7in gereken anahtarlar\u0131 elde etmeyi ba\u015fard\u0131. G\u00fcncellenmi\u015f \u015fifre \u00e7\u00f6z\u00fcc\u00fc arac\u0131, projenin web sitesinde mevcut.<\/p>\n","protected":false},"author":2484,"featured_media":4726,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1287,1351],"tags":[1540,1541,591,1542,1543,820,241],"class_list":{"0":"post-4725","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-cryakl","10":"tag-fantomas","11":"tag-fidye-yazilimi","12":"tag-fidye-yazilimi-cozum-araci","13":"tag-polis","14":"tag-tehdit","15":"tag-trojan"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/cryakl-decrypted-for-good\/4725\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/cryakl-decrypted-for-good\/12509\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/cryakl-decrypted-for-good\/10359\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/cryakl-decrypted-for-good\/5639\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/cryakl-decrypted-for-good\/14653\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/cryakl-decrypted-for-good\/12945\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/cryakl-decrypted-for-good\/12452\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/cryakl-decrypted-for-good\/15298\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/cryakl-decrypted-for-good\/15024\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/cryakl-decrypted-for-good\/19630\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/cryakl-decrypted-for-good\/21129\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/cryakl-decrypted-for-good\/8924\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/cryakl-decrypted-for-good\/15873\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/cryakl-decrypted-for-good\/9348\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/cryakl-decrypted-for-good\/19532\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/cryakl-decrypted-for-good\/19579\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/cryakl-decrypted-for-good\/19581\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/cryakl\/","name":"Cryakl"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4725","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2484"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=4725"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4725\/revisions"}],"predecessor-version":[{"id":6966,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4725\/revisions\/6966"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/4726"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=4725"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=4725"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=4725"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}