{"id":5045,"date":"2018-06-27T10:43:35","date_gmt":"2018-06-27T07:43:35","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=5045"},"modified":"2019-11-15T14:40:16","modified_gmt":"2019-11-15T11:40:16","slug":"mobile-malware-part-1","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/mobile-malware-part-1\/5045\/","title":{"rendered":"Mobil canavarlar ve yuvalar\u0131 – birinci b\u00f6l\u00fcm"},"content":{"rendered":"

Son y\u0131llarda, telefonlar\u0131m\u0131z siber su\u00e7lular\u0131n dikkatini g\u00fcn ge\u00e7tik\u00e7e daha \u00e7ok \u00e7ekiyor. Sonu\u00e7ta, ak\u0131l\u0131 telefonlar\u0131m\u0131zdan hi\u00e7 ayr\u0131lam\u0131yoruz; ki\u015fisel belge ve foto\u011fraflar\u0131m\u0131z\u0131 saklarken, ileti\u015fim kurarken ve resim \u00e7ekerken en \u00e7ok onlar\u0131 kullan\u0131yoruz. Bu cihazlarla birlikte bilet veya c\u00fczdan ta\u015f\u0131mam\u0131za bile gerek kalm\u0131yor; ki avantajlar\u0131 bunlarla da s\u0131n\u0131rl\u0131 de\u011fil.<\/p>\n

Baz\u0131 durumlarda de\u011ferli veriler i\u00e7in olduk\u00e7a b\u00fcy\u00fck bir depolama alan\u0131 sunan bu cihazlar inan\u0131lmaz bir fayda sa\u011fl\u0131yor ve tabii ki k\u00f6t\u00fc ama\u00e7lara da m\u00fckemmel bir \u015fekilde hizmet edebiliyor. Bu nedenle ak\u0131ll\u0131 telefonlara \u00f6zg\u00fc k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n da sonu gelmiyor.<\/p>\n

Ge\u00e7en y\u0131l ak\u0131ll\u0131 telefonlarda ve tabletlerde 42.7 milyon adet k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m yakalad\u0131k<\/a>. Mobil k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlarla ilgili bu yaz\u0131m\u0131zda, bu yaz\u0131l\u0131mlar\u0131 amac\u0131na ve davran\u0131\u015f\u0131na g\u00f6re \u00e7e\u015fitli t\u00fcrlere ay\u0131rd\u0131k. Birinci b\u00f6l\u00fcmde, bu yaz\u0131l\u0131mlar\u0131n olduk\u00e7a s\u0131radan \u00fc\u00e7 t\u00fcr\u00fcn\u00fc ele alaca\u011f\u0131z.<\/p>\n

Reklam yaz\u0131l\u0131m\u0131: Reklama t\u0131klatanlar ve davetsiz ba\u015fl\u0131klar<\/h2>\n

Mobil vir\u00fcslerin en yayg\u0131n t\u00fcrlerinden biri reklam yaz\u0131l\u0131m\u0131 \u015feklinde kar\u015f\u0131m\u0131za \u00e7\u0131kar. Bu yaz\u0131l\u0131m\u0131n g\u00f6revi, \u00e7evrimi\u00e7i ba\u015fl\u0131klar\u0131n otomatik t\u0131klanma veya kullan\u0131c\u0131lar\u0131 kendi \u00e7\u0131karlar\u0131 i\u00e7in kullanarak elle t\u0131klanma say\u0131lar\u0131n\u0131 art\u0131rmakt\u0131r. Bu yaz\u0131l\u0131mlardan baz\u0131lar\u0131 ise size istenmeyen reklamlar\u0131 g\u00f6stermekle yetinir.<\/p>\n

\u0130lk durumda, siz reklam\u0131 g\u00f6rmezsiniz bile. Fakat t\u0131klay\u0131c\u0131lar, ak\u0131ll\u0131 telefonunuzda bulunan veriler ve pil \u015farj\u0131 gibi kaynaklar\u0131 kullan\u0131r. Vir\u00fcs bula\u015fan ak\u0131ll\u0131 telefonun pili yaln\u0131zca birka\u00e7 saat dayan\u0131r ve faturan\u0131z size \u00e7ok da ho\u015f olmayan bir s\u00fcrpriz yapabilir.<\/p>\n

\u0130kinci tip reklam yaz\u0131l\u0131m\u0131 ise \u00e7evrimi\u00e7i ba\u015fl\u0131klar\u0131 kendi ba\u015fl\u0131klar\u0131yla de\u011fi\u015ftirir ve kullan\u0131c\u0131 o kadar \u00e7ok reklamla kar\u015f\u0131la\u015f\u0131r ki, bu reklamlar dikkatini ister \u00e7eksin ister \u00e7ekmesin, sonunda bu ba\u011flant\u0131lara t\u0131klar. \u00c7o\u011fu zaman, reklam ba\u015fl\u0131klar\u0131 her \u015feyin \u00f6n\u00fcne ge\u00e7er ve istenmeyen postalar o kadar artar ki, cihaz\u0131 kullanmak imkans\u0131z hale gelir.<\/p>\n

Baz\u0131 k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar da siz fark\u0131nda olmadan \u00e7evrimi\u00e7i al\u0131\u015fkanl\u0131klar\u0131n\u0131zla ilgili bilgi toplar. Bu bilgiler daha sonra reklamc\u0131lar\u0131n eline ge\u00e7erek reklam kampanyalar\u0131ndaki ince ayarlar i\u00e7in kullan\u0131l\u0131r. Dahas\u0131, ba\u015fl\u0131klar k\u00f6t\u00fc ama\u00e7l\u0131 sitelere ba\u011flanabilir ve bu siteler telefonunuza \u00e7ok daha k\u00f6t\u00fc vir\u00fcsler bula\u015ft\u0131rabilir.<\/p>\n

K\u0131sa mesajlar ve Web aboneleri<\/h2>\n

Bug\u00fcn ele alaca\u011f\u0131m\u0131z ikinci k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m t\u00fcr\u00fc Truva t\u0131klay\u0131c\u0131lar\u0131 olarak da bilinen aboneler. Bu yaz\u0131l\u0131mlar\u0131n g\u00f6revi, mobil hesab\u0131n\u0131zdan bilgi \u00e7almakt\u0131r. Mobil hesaplarda h\u0131rs\u0131zl\u0131k daha kolayd\u0131r \u00e7\u00fcnk\u00fc genellikle s\u0131k\u0131 kontrol alt\u0131nda tutulan kart numaralar\u0131 burada atlan\u0131r. Para \u00e7\u0131k\u0131\u015f\u0131 WAP veya SMS faturas\u0131 arac\u0131l\u0131\u011f\u0131yla ve bazen de ma\u011fdurun hesab\u0131ndan ayr\u0131cal\u0131kl\u0131 numaralara yap\u0131lan \u00e7a\u011fr\u0131lar \u00fczerinde sa\u011flan\u0131r.<\/p>\n

WAP\u2019\u0131n ne oldu\u011funu ve siber su\u00e7lular taraf\u0131ndan nas\u0131l k\u00f6t\u00fcye kullan\u0131ld\u0131\u011f\u0131n\u0131 buradan<\/a> \u00f6\u011frenenebilirsiniz. WAP t\u0131klay\u0131c\u0131s\u0131n\u0131n ad\u0131n\u0131za paral\u0131 abonelik olu\u015fturmas\u0131 i\u00e7in tek yapmas\u0131 gereken \u015fey sitede ilgili butona t\u0131klamakt\u0131r. K\u00f6t\u00fc ama\u00e7l\u0131 SMS yaz\u0131l\u0131mlar\u0131 ise mesaj g\u00f6ndermek i\u00e7in izin ister ve bir\u00e7ok kullan\u0131c\u0131 da bu izni hi\u00e7 d\u00fc\u015f\u00fcnmeden verir. Paran\u0131z\u0131 IP telefon<\/a> hizmeti \u00fczerinden \u00e7alan programlar\u0131n i\u015fi biraz daha zordur: Bu hizmet i\u00e7in bir hesap a\u00e7t\u0131rmalar\u0131 gerekir.<\/p>\n

Abonelik olu\u015fturan programlar\u0131n \u00e7arp\u0131c\u0131 bir \u00f6rne\u011fi Truva Ubsod\u2019dur. Bu program WAP uzman\u0131 bir ba\u015f belas\u0131d\u0131r. Faaliyetini m\u00fcmk\u00fcn oldu\u011fu kadar uzun s\u00fcre gizleyebilmek i\u00e7in \u201cubscri\u201d metin dizisini (\u201cabone olmak\u201d ya da \u201cabonelik\u201d anlam\u0131ndaki s\u00f6zc\u00fc\u011f\u00fcn bir b\u00f6l\u00fcm\u00fc) i\u00e7eren t\u00fcm SMS mesajlar\u0131n\u0131 siler. Dahas\u0131, WAP i\u015flemlerinin gerektirdi\u011fi \u00fczere Wi-Fi\u2019dan mobil internete ge\u00e7i\u015f yapabilir.<\/p>\n

Neyse ki istenmeyen aboneliklerden kurtulmak karma\u015f\u0131k bir i\u015f de\u011fildir; t\u00fcm abonelikler operat\u00f6r\u00fcn internet sitesindeki kullan\u0131c\u0131 hesab\u0131nda g\u00f6r\u00fcnt\u00fclenir. Buradan abonelikleri silebilece\u011finiz gibi telefonunuz i\u00e7in yeni aboneliklerin a\u00e7\u0131lmas\u0131n\u0131 da engelleyebilirsiniz (ancak baz\u0131 durumlarda bu engel sadece ge\u00e7ici s\u00fcreli\u011fine konabilir). Burada en \u00f6nemli nokta, hesab\u0131n\u0131zdan para s\u0131zd\u0131r\u0131ld\u0131\u011f\u0131n\u0131 m\u00fcmk\u00fcn oldu\u011funca erken fark ederek ta\u015fk\u0131nlar\u0131 \u00f6nlemektir.<\/p>\n

Yo\u011fun SMS g\u00f6nderen yaz\u0131l\u0131mlar ve DDoSer\u2019ler<\/h2>\n

Bu iki kategorideki k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar program indirmek yerine veri g\u00f6nderir, hem de \u00e7uval dolusu! Bunu da izninizi istemeden, el alt\u0131ndan yaparlar. Doland\u0131r\u0131c\u0131lar sizin paran\u0131zla ba\u015fkalar\u0131n\u0131n hayatlar\u0131n\u0131 mahvederek bir servet elde edebilir.<\/p>\n

B\u00f6yle olunca da, holiganlar yo\u011fun SMS g\u00f6ndererek insanlar\u0131 rahats\u0131z eder veya cihazlar\u0131n\u0131 devre d\u0131\u015f\u0131 b\u0131rak\u0131r. Bir kullan\u0131c\u0131 ta\u015fk\u0131n yaz\u0131l\u0131mlar\u0131n\u0131 kendi iste\u011fiyle cihaz\u0131na y\u00fckleyip bu holiganlar\u0131n d\u00fc\u015fmanlar\u0131n\u0131 binlerce SMS mesaj\u0131na bo\u011fabilir. Fakat bunlar\u0131n \u00e7o\u011fu daha da ileri giderek ba\u015fkalar\u0131n\u0131n hesab\u0131na mesajlar da g\u00f6nderir ve hi\u00e7bir \u015feyden \u015f\u00fcphelenmeyen insanlar\u0131n cihazlar\u0131na el alt\u0131ndan k\u00f6t\u00fc ama\u00e7l\u0131 uygulama y\u00fckler.<\/p>\n

DDoSer\u2019ler<\/a> sadece ak\u0131ll\u0131 telefonlar\u0131 bo\u011fmakla kalmaz, ayn\u0131 zamanda \u00e7ok daha g\u00fc\u00e7l\u00fc cihazlar\u0131 ve hatta ba\u015fl\u0131ca \u00e7evrimi\u00e7i kaynaklar\u0131 da etkileyebilir. Siber su\u00e7lular bunun i\u00e7in vir\u00fcsl\u00fc ara\u00e7lar\u0131 bir a\u011f ile birle\u015ftirerek bir botnet<\/a> olu\u015fturur ve ma\u011fdurlara buradan yo\u011fun istek g\u00f6nderir. Bazen, t\u0131klay\u0131c\u0131lar ayn\u0131 Web sayfas\u0131n\u0131 defalarca a\u00e7maya \u00e7al\u0131\u015f\u0131rken DDoS g\u00f6revi de g\u00f6rebilir.<\/p>\n

Hem ta\u015fk\u0131n programlar\u0131 hem de DDoSer\u2019ler, ak\u0131ll\u0131 telefonunuzu kullanarak \u00fc\u00e7\u00fcnc\u00fc \u015fah\u0131slara zarar verir. Fakat cihaz\u0131n\u0131z\u0131n piline ve i\u015flemcisine yap\u0131lan a\u015f\u0131r\u0131 y\u00fcklenme sizi de rahats\u0131z eder, cebinizden \u00e7\u0131kan para da cabas\u0131d\u0131r. Genellikle bu t\u00fcr programlar yayg\u0131n de\u011fildir ama Temmuz 2013\u2019te yo\u011fun SMS g\u00f6nderen Didat, e-posta ile g\u00f6nderilen k\u00f6t\u00fc ama\u00e7l\u0131 programlar aras\u0131nda ilk 20\u2019ye girmi\u015ftir<\/a>.<\/p>\n

Ne kadar ileri giderseniz i\u015finizi o kadar zorla\u015f\u0131r<\/h2>\n

D\u00fcr\u00fcst olmak gerekirse, bug\u00fcn ele al\u0131\u011f\u0131m\u0131z mobil hainler denizdeki k\u00fc\u00e7\u00fck bal\u0131klardan ibaret. En k\u00f6t\u00fc ihtimalle, cep telefonu faturan\u0131z\u0131 biraz kabart\u0131r ve sinirlerinizi de biraz y\u0131prat\u0131rlar. Durum ne olursa olsun, bir vir\u00fcsten koruma yaz\u0131l\u0131m\u0131ndan yard\u0131m alarak bu hainleri tespit etmek ve ortadan kald\u0131rmak olduk\u00e7a kolayd\u0131r.<\/p>\n

\u00d6n\u00fcm\u00fczdeki b\u00f6l\u00fcmlerde, hiyerar\u015fide daha \u00fcst s\u0131ralarda yer alan baz\u0131 hainleri ele alaca\u011f\u0131z. G\u00fcncellemeleri takip edin ve mobil g\u00fcvenlik kurallar\u0131n\u0131 unutmay\u0131n:<\/p>\n