{"id":5807,"date":"2019-03-26T11:11:35","date_gmt":"2019-03-26T08:11:35","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=5807"},"modified":"2019-11-15T14:31:26","modified_gmt":"2019-11-15T11:31:26","slug":"shadow-hammer-teaser","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/shadow-hammer-teaser\/5807\/","title":{"rendered":"Shadow Hammer: ASUS diz\u00fcst\u00fc bilgisayarlar i\u00e7in k\u00f6t\u00fc ama\u00e7l\u0131 g\u00fcncellemeler"},"content":{"rendered":"

Uzmanlar\u0131m\u0131z, \u00fcr\u00fcnlerimizde bulunan ve tedarik zinciri sald\u0131r\u0131lar\u0131n\u0131 tespit edebilen yeni bir teknoloji sayesinde \u015fimdiye kadarki en b\u00fcy\u00fck tedarik zinciri sald\u0131r\u0131lar\u0131ndan birini a\u00e7\u0131\u011fa \u00e7\u0131kard\u0131 (CCleaner sald\u0131r\u0131s\u0131n\u0131<\/a> hat\u0131rl\u0131yor musunuz? \u0130\u015fte bu sald\u0131r\u0131, ondan bile b\u00fcy\u00fck). Bir tehdit akt\u00f6r\u00fc, ASUS diz\u00fcst\u00fc bilgisayarlara BIOS, UEFI ve yaz\u0131l\u0131m g\u00fcncellemeleri sunan ASUS Live Update Yard\u0131mc\u0131 Program\u0131\u2019nda baz\u0131 de\u011fi\u015fiklikler yapt\u0131, programa bir arka kap\u0131 ekledi ve resmi kanallar arac\u0131l\u0131\u011f\u0131yla bunu kullan\u0131c\u0131lara da\u011f\u0131tt\u0131.<\/p>\n

Truva At\u0131 haline getirilen yard\u0131mc\u0131 program, yasal bir sertifikayla imzaland\u0131\u011f\u0131 ve ASUS\u2019un g\u00fcncellemelere \u00f6zel resmi sunucusunda bar\u0131nd\u0131r\u0131ld\u0131\u011f\u0131 i\u00e7in uzun bir s\u00fcre boyunca tespit edilemedi. Siber su\u00e7lular, k\u00f6t\u00fc ama\u00e7l\u0131 yard\u0131mc\u0131 program\u0131n dosya boyutunun orijinal dosya ile ayn\u0131 kalmas\u0131na bile dikkat etmi\u015flerdi.<\/p>\n

\u0130statistiklerimize g\u00f6re Kaspersky Lab \u00fcr\u00fcnlerinin 57.000\u2019den fazla kullan\u0131c\u0131s\u0131, i\u00e7inde arka kap\u0131 bulunan bu yard\u0131mc\u0131 program\u0131 bilgisayar\u0131na y\u00fckledi ancak bu program\u0131n toplamda yakla\u015f\u0131k 1 milyon ki\u015fiye ula\u015ft\u0131\u011f\u0131n\u0131 tahmin ediyoruz. Bununla birlikte, bu sald\u0131r\u0131n\u0131n arkas\u0131ndaki siber su\u00e7lular, kullan\u0131c\u0131lar\u0131n tamam\u0131yla ilgilenmiyordu; yaln\u0131zca 600 spesifik MAC adresini hedef ald\u0131lar, bu MAC adresleri i\u00e7in dosya karmalar\u0131 yard\u0131mc\u0131 program\u0131n farkl\u0131 s\u00fcr\u00fcmlerinin i\u00e7ine g\u00f6m\u00fclm\u00fc\u015ft\u00fc.<\/p>\n

Bu sald\u0131r\u0131y\u0131 ara\u015ft\u0131r\u0131rken \u00fc\u00e7 farkl\u0131 sat\u0131c\u0131n\u0131n yaz\u0131l\u0131mlar\u0131na kar\u015f\u0131 ayn\u0131 tekniklerin kullan\u0131ld\u0131\u011f\u0131 fark ettik. Elbette, sald\u0131r\u0131y\u0131 ASUS\u2019a ve di\u011fer \u015firketlere bildirdik. \u015eu anda t\u00fcm Kaspersky Lab \u00e7\u00f6z\u00fcmleri, truva at\u0131 haline getirilmi\u015f yard\u0131mc\u0131 programlar\u0131 tespit edip engelledi fakat yine de ASUS Live Update Yard\u0131mc\u0131 Program\u0131\u2019n\u0131 kullan\u0131yorsan\u0131z program\u0131 g\u00fcncellemenizi tavsiye ederiz. Konu hakk\u0131ndaki ara\u015ft\u0131rmalar\u0131m\u0131z devam ediyor.<\/p>\n

\u015eimdiye kadarki en b\u00fcy\u00fck tedarik zinciri hakk\u0131nda daha fazla bilgi almak, teknik ayr\u0131nt\u0131lar\u0131 ke\u015ffetmek, Risk G\u00f6stergelerini g\u00f6rmek ve kendinizi bu t\u00fcr tedarik zinciri sald\u0131r\u0131lar\u0131ndan korumakla ilgili tavsiye almak i\u00e7in SAS 2019 konferans\u0131n\u0131<\/a> ziyaret etmenizi \u00f6neririz; y\u0131l\u0131n en s\u0131cak g\u00fcvenlik konferans\u0131 8 Nisan tarihinde Singapur\u2019da ba\u015flayacak. Bu konferansta, \u00e7ok ilgin\u00e7 detaylarla birlikte Shadow Hammer APT\u2019sini ele alan bir konu\u015fma yapaca\u011f\u0131z. Biletler, neredeyse t\u00fckenmek \u00fczere, acele edin.<\/p>\n

Alternatif olarak SAS\u2019\u0131n yap\u0131ld\u0131\u011f\u0131 tarihlerde securelist.com<\/a> web sitesinde yay\u0131nlanacak olan raporumuzun tamam\u0131n\u0131 da okuyabilirsiniz. Bizi takip edin!<\/p>\n","protected":false},"excerpt":{"rendered":"

Teknolojilerimiz, \u015fimdiye kadarki en b\u00fcy\u00fck tedarik zinciri sald\u0131r\u0131lar\u0131ndan biri gibi g\u00f6r\u00fcnen bir tehdit tespit etti.<\/p>\n","protected":false},"author":2411,"featured_media":5808,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[1887,1886,337,1885,1611],"class_list":{"0":"post-5807","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-thesas2019","11":"tag-guncellemeler","12":"tag-sas","13":"tag-sas2019","14":"tag-tedarik-zinciri"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/shadow-hammer-teaser\/5807\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/shadow-hammer-teaser\/15452\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/shadow-hammer-teaser\/13016\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/shadow-hammer-teaser\/17396\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/shadow-hammer-teaser\/15544\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/shadow-hammer-teaser\/14224\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/shadow-hammer-teaser\/18089\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/shadow-hammer-teaser\/17081\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/shadow-hammer-teaser\/22486\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/shadow-hammer-teaser\/26149\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/shadow-hammer-teaser\/11539\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/shadow-hammer-teaser\/10502\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/shadow-hammer-teaser\/18832\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/shadow-hammer-teaser\/22850\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/shadow-hammer-teaser\/18169\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/shadow-hammer-teaser\/22325\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/shadow-hammer-teaser\/22261\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/thesas2019\/","name":"#thesas2019"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2411"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5807"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5807\/revisions"}],"predecessor-version":[{"id":6818,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5807\/revisions\/6818"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/5808"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5807"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}