{"id":5014,"date":"2018-06-14T09:31:34","date_gmt":"2018-06-14T06:31:34","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=5014"},"modified":"2019-11-15T14:40:44","modified_gmt":"2019-11-15T11:40:44","slug":"malicious-chrome-extension","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/malicious-chrome-extension\/5014\/","title":{"rendered":"Veri h\u0131rs\u0131z\u0131 Chrome uzant\u0131s\u0131"},"content":{"rendered":"<p>Yaz\u0131l\u0131m ma\u011fazalar\u0131n\u0131n (Google, Apple, Amazon ve di\u011ferleri) sahipleri, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlarla, g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc sa\u011flay\u0131c\u0131lar\u0131 kadar yo\u011fun bir bi\u00e7imde m\u00fccadele etmek zorundad\u0131r. B\u00fct\u00fcn d\u00f6ng\u00fcler gibi bu da hi\u00e7 bitmeyen bir s\u00fcre\u00e7tir: Siber su\u00e7lular \u00e7evrimi\u00e7i ma\u011fazalara gizlice giren yaz\u0131l\u0131mlar yazar, hemen ard\u0131ndan bu yaz\u0131l\u0131ma bir isim verilir ve bu yaz\u0131l\u0131m ay\u0131plan\u0131r (silindi\u011fini s\u00f6ylemeye gerek bile yok), g\u00fcvenlik politikas\u0131 tekrar eden olaylardan ka\u00e7\u0131nmak i\u00e7in g\u00fcncellenir ve siber su\u00e7lular, olu\u015fturduklar\u0131 yaz\u0131l\u0131mlar\u0131 yeni politikalar dahilinde ma\u011fazaya gizlice sokman\u0131n bir yolunu bulur.<\/p>\n<p>Uygulamalar\u0131 her zaman yaln\u0131zca resmi kaynaklardan y\u00fcklemenizi \u00f6neririz. Ancak bu, bu t\u00fcr sitelerin k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m i\u00e7ermedi\u011fi anlam\u0131na gelmez; yaln\u0131zca ba\u015fka yerlerde oldu\u011fundan daha az miktarda k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bulunur. Her ne kadar Google Play son derece g\u00fcvenli olsa da Chrome Web Ma\u011fazas\u0131 bamba\u015fka bir alemdir. Uzmanlar\u0131m\u0131z, Chrome Web Ma\u011fazas\u0131\u2019nda son zamanlarda kullan\u0131c\u0131lar\u0131n banka verilerini hedef alan k\u00f6t\u00fc ama\u00e7l\u0131 bir uzant\u0131 ke\u015ffettiler.<\/p>\n<h2>Taray\u0131c\u0131n\u0131zda Truval\u0131 bir bankac\u0131 var<\/h2>\n<p>Su\u00e7lumuz esas\u0131nda <a href=\"https:\/\/tr.0wikipedia.org\/wiki\/Man-in-the-middle_attack\" target=\"_blank\" rel=\"noopener nofollow\">aradaki adam sald\u0131r\u0131s\u0131<\/a> yapan \u201cDesbloquear Conte\u00fado\u201d (Portekizce \u201c\u0130\u00e7eri\u011fin Engelini Kald\u0131r\u201d) ad\u0131nda bir uzant\u0131yd\u0131. Kullan\u0131c\u0131lar bankalar\u0131n\u0131n web sitelerine girdiklerinde; k\u00f6t\u00fc ama\u00e7l\u0131 bir komut dosyas\u0131, trafi\u011fi siber su\u00e7lulara ait bir ara sunucu arac\u0131l\u0131\u011f\u0131yla yeniden y\u00f6nlendirerek ve siber su\u00e7lular\u0131n web sitesini \u00e7\u00f6z\u00fcmleyerek istedikleri \u015feyleri almalar\u0131n\u0131 sa\u011fl\u0131yordu.<\/p>\n<p>K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mda, ayn\u0131 zamanda kullan\u0131c\u0131lar\u0131n \u00e7evrimi\u00e7i olarak girdikleri belirli bilgileri ay\u0131klamak i\u00e7in tasarlanm\u0131\u015f komut dosyalar\u0131 da bulunuyordu. \u00d6rne\u011fin; bir kullan\u0131c\u0131, bankan\u0131n giri\u015f sayfas\u0131na girdi\u011finde k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m, bankan\u0131n aray\u00fcz\u00fcyle m\u00fckemmel bir \u015fekilde e\u015fle\u015fen bir ekran katman\u0131 kullanm\u0131\u015f, ancak giri\u015f, \u015fifre ve bir defal\u0131k onay kodu alanlar\u0131n\u0131n yerini kendisininkiyle de\u011fi\u015ftirmi\u015fti. Kullan\u0131c\u0131 giri\u015f d\u00fc\u011fmesine bast\u0131\u011f\u0131nda, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m, verileri kendisi i\u00e7in kopyal\u0131yordu.<\/p>\n<p>Sahte komut-kontrol sunucusunun bulundu\u011fu etki alan\u0131, daha \u00f6nce k\u00f6t\u00fc ama\u00e7l\u0131 oldu\u011fu ortaya \u00e7\u0131kan etki alanlar\u0131yla ayn\u0131 IP adresini kullan\u0131yordu. Ara\u015ft\u0131rmac\u0131lar\u0131m\u0131z\u0131n dikkatini \u00fczerine \u00e7eken \u015fey de buydu. Ara\u015ft\u0131rmac\u0131lar, \u015f\u00fcphelerini do\u011frulad\u0131ktan sonra Google ile ileti\u015fime ge\u00e7ti ve k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar Chrome Web Ma\u011fazas\u0131\u2019ndan h\u0131zla kald\u0131r\u0131ld\u0131.<\/p>\n<p>Y\u00fckleme esnas\u0131nda, Chrome uzant\u0131lar\u0131n\u0131n bilgisayar\u0131n\u0131z \u00fczerinde neredeyse s\u0131n\u0131rs\u0131z bir g\u00fc\u00e7 talep etti\u011fini unutmay\u0131n. \u00c7o\u011fu k\u00f6t\u00fc ama\u00e7l\u0131 program\u0131n tek bir \u201cZiyaret etti\u011finiz web sitelerindeki t\u00fcm verilerinizi okuma ve de\u011fi\u015ftirme\u201d iznine ihtiyac\u0131 vard\u0131r ve bu, \u00e7ok g\u00fc\u00e7l\u00fc bir izindir.<\/p>\n<p>Bu nedenle uzant\u0131lara son derece dikkatle yakla\u015f\u0131n. Bu uzant\u0131lar her zaman iyi ama\u00e7l\u0131 <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/browser-extensions-security\/4691\/?utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=tr_browser-extensions-security_organic&amp;utm_content=sm-post&amp;utm_term=tr_kdaily_organic_sm-post_blog_browser-extensions-security\" target=\"_blank\" rel=\"noopener\">de\u011fildir<\/a>. \u0130ndirilmeleri \u00e7ok kolay olsa da g\u00fc\u00e7s\u00fcz olamayacaklar\u0131n\u0131 veya hi\u00e7bir zarar vermeyeceklerini varsaymak olduk\u00e7a kolayd\u0131r.<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"z2N3QHl1DW\"><p><a href=\"https:\/\/www.kaspersky.com.tr\/blog\/browser-extensions-security\/4691\/\" target=\"_blank\" rel=\"noopener\">Taray\u0131c\u0131 uzant\u0131lar\u0131na neden dikkat etmelisiniz<\/a><\/p><\/blockquote>\n<p><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"\u201cTaray\u0131c\u0131 uzant\u0131lar\u0131na neden dikkat etmelisiniz\u201d \u2014 Daily - Turkish - Turkey - www.kaspersky.com.tr\/blog\" src=\"https:\/\/www.kaspersky.com.tr\/blog\/browser-extensions-security\/4691\/embed\/#?secret=CIU0mwQLdu#?secret=z2N3QHl1DW\" data-secret=\"z2N3QHl1DW\" width=\"500\" height=\"282\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<h2>K\u00f6t\u00fc ama\u00e7l\u0131 taray\u0131c\u0131 uzant\u0131lar\u0131na kar\u015f\u0131 korunma<\/h2>\n<p>\u0130\u015fte, kullan\u0131\u015fl\u0131 bir taray\u0131c\u0131 uzant\u0131s\u0131 olarak gizli, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlardan korunman\u0131z\u0131 sa\u011flayacak baz\u0131 ipu\u00e7lar\u0131:<\/p>\n<ul>\n<li>Yaln\u0131zca tam anlam\u0131yla g\u00fcvendi\u011finiz uzant\u0131lar\u0131 y\u00fckleyin. G\u00fcvenilebilecek m\u00fckemmel bir test maalesef yok ancak en az\u0131ndan tan\u0131nm\u0131\u015f geli\u015ftiricilerin sa\u011flad\u0131\u011f\u0131 uzant\u0131lara ba\u011fl\u0131 kal\u0131n.<\/li>\n<li>Ger\u00e7ekten ihtiyac\u0131n\u0131z olmad\u0131k\u00e7a ek uzant\u0131lar eklemeyin.<\/li>\n<li>Bir uzant\u0131 art\u0131k gerekli de\u011filse bu uzant\u0131y\u0131 kald\u0131r\u0131n. Bu uzant\u0131ya ihtiya\u00e7 duyarsan\u0131z her zaman yeniden y\u00fckleyebilirsiniz.<\/li>\n<li><a href=\"http:\/\/kas.pr\/kdkistr\" target=\"_blank\" rel=\"noopener\">Kaspersky Internet Security<\/a> gibi denenmi\u015f ve test edilmi\u015f bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc kullan\u0131n. T\u00fcm yeni Chrome uzant\u0131lar\u0131, analiz i\u00e7in bize otomatik olarak g\u00f6nderilir. Bu nedenle, en son uzant\u0131larda bile k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n gizlenebilecekleri bir yer yoktur.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Uygulamalar\u0131 her zaman yaln\u0131zca resmi kaynaklardan y\u00fcklemenizi \u00f6neririz. Ancak bu, bu t\u00fcr sitelerin k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m i\u00e7ermedi\u011fi anlam\u0131na gelmez; yaln\u0131zca ba\u015fka yerlerde oldu\u011fundan daha az miktarda k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bulunur. <\/p>\n","protected":false},"author":40,"featured_media":5016,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[16,1164,1551,820,241],"class_list":{"0":"post-5014","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-chrome","9":"tag-eklentiler","10":"tag-tarayici","11":"tag-tehdit","12":"tag-trojan"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/malicious-chrome-extension\/5014\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/malicious-chrome-extension\/13472\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/malicious-chrome-extension\/11261\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/malicious-chrome-extension\/15550\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/malicious-chrome-extension\/13814\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/malicious-chrome-extension\/13044\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/malicious-chrome-extension\/16292\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/malicious-chrome-extension\/15807\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/malicious-chrome-extension\/20706\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/malicious-chrome-extension\/22697\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/malicious-chrome-extension\/10582\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/malicious-chrome-extension\/9258\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/malicious-chrome-extension\/16933\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/malicious-chrome-extension\/20560\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/malicious-chrome-extension\/16664\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/malicious-chrome-extension\/20416\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/malicious-chrome-extension\/20408\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/eklentiler\/","name":"eklentiler"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5014","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5014"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5014\/revisions"}],"predecessor-version":[{"id":6928,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5014\/revisions\/6928"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/5016"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}