{"id":6138,"date":"2019-07-17T12:17:09","date_gmt":"2019-07-17T09:17:09","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=6138"},"modified":"2019-11-15T14:26:59","modified_gmt":"2019-11-15T11:26:59","slug":"finspy-commercial-spyware","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/finspy-commercial-spyware\/6138\/","title":{"rendered":"FinSpy \u2014 ticari casus yaz\u0131l\u0131m"},"content":{"rendered":"<p>Bir casus yaz\u0131l\u0131m, kendini gizleyen k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m kodlay\u0131c\u0131lar\u0131 taraf\u0131ndan de\u011fil de ciddi bir IT firmas\u0131 taraf\u0131ndan geli\u015ftirildi\u011finde neler olur? Ge\u00e7ti\u011fimiz y\u0131lda, mobil cihazlarda bu casus yaz\u0131l\u0131mdan d\u00fczinelerce tespit ettik.<\/p>\n<h2>FinSpy yaz\u0131l\u0131m\u0131n\u0131n amac\u0131 ne<\/h2>\n<p>Casus yaz\u0131l\u0131m\u0131n bir masa\u00fcst\u00fc bilgisayar versiyonu da olmas\u0131na ra\u011fmen (\u00fcstelik sadece Windows i\u00e7in de\u011fil ayn\u0131 zaman macOS ve Linux i\u00e7in de), as\u0131l tehlike a\u011f\u0131rl\u0131kl\u0131 olarak mobil eklentilerden do\u011fmaktad\u0131r: FinSpy, hem iOS hem de Android cihazlara y\u00fcklenebilir ve her platform i\u00e7in ayn\u0131 i\u015flevler s\u00f6z konusudur. Uygulama, korsan\u0131n ilgili cihaz \u00fczerindeki verileri tamamen kontrol\u00fc alt\u0131na almas\u0131n\u0131 sa\u011flar.<\/p>\n<p>Bu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m, kurban\u0131na \u00f6zel bir \u015fekilde yap\u0131land\u0131r\u0131labilir ve korsana cihazdaki ki\u015filer, arama ge\u00e7mi\u015fi, konum belirleme, metinler, takvim ve benzeri veriler dahil olmak \u00fczere kullan\u0131c\u0131 hakk\u0131nda detayl\u0131 bilgi verir.<\/p>\n<p>Ancak hepsi bu de\u011fil. FinSpy, sesli aramalar\u0131, VoIP aramalar\u0131n\u0131 ve anl\u0131k mesajlar\u0131 kaydedebilir. WhatsApp, WeChat, Viber, Skype, Line, Telegram ve de Signal ile Threema gibi \u00e7ok say\u0131da haberle\u015fme hizmetini gizlice dinleyebilir. FinSpy, mesajlar\u0131n yan\u0131 s\u0131ra, mesajla\u015fma uygulamalar\u0131nda ma\u011fdurlar\u0131n g\u00f6nderip ald\u0131\u011f\u0131 dosyalar\u0131 ve de grup ve ki\u015fi bilgilerini de alabilir. FinSpy ile ilgili daha fazla bilgi i\u00e7in <a href=\"https:\/\/securelist.com\/new-finspy-ios-and-android-implants-revealed-itw\/91685\/\" target=\"_blank\" rel=\"noopener\">bkz. Securelist<\/a>.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"android-malware\">\n<h3>FinSpy yaz\u0131l\u0131m\u0131na kimler dikkat etmeli<\/h3>\n<p>FinSpy yaz\u0131l\u0131m\u0131 cihazlara, \u00e7o\u011fu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mla ayn\u0131 \u015fekilde girer. \u00c7o\u011funlukla k\u00f6t\u00fc ama\u00e7l\u0131 bir e-posta ya da metin mesaj\u0131 i\u00e7indeki bir ba\u011flant\u0131ya t\u0131kland\u0131\u011f\u0131nda y\u00fcklenir.<\/p>\n<p>Android cihaz sahipleri \u00f6zellikle risk b\u00f6lgesindedir; here bir de <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/android-root-faq\/3388\/\" target=\"_blank\" rel=\"noopener\">cihazlar\u0131n\u0131n root edilmesi<\/a>, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n i\u015fini b\u00fcy\u00fck \u00f6l\u00e7\u00fcde kolayla\u015ft\u0131r\u0131r. Ancak, kullan\u0131c\u0131n\u0131n k\u00f6k eri\u015fimi olmad\u0131\u011f\u0131 halde ak\u0131ll\u0131 telefona bir rooting uygulamas\u0131 y\u00fcklenirse (baz\u0131 ba\u015fka uygulamalar\u0131n y\u00fcklenmesi i\u00e7in ayr\u0131cal\u0131kl\u0131 kullan\u0131c\u0131 haklar\u0131 gerekti\u011finde oldu\u011fu gibi), FinSpy bu f\u0131rsattan yararlanarak k\u00f6k dizine eri\u015febilir. Bir ak\u0131ll\u0131 telefon root edilmi\u015f olmasa ve \u00fczerinde y\u00fckl\u00fc rooting uygulamas\u0131 olmasa dahi casus yaz\u0131l\u0131m, DirtyCow program\u0131 ile k\u00f6k eri\u015fimi kazanabilir.<\/p>\n<p>Apple kullan\u0131c\u0131lar\u0131 biraz daha \u015fansl\u0131d\u0131r. Bu casus yaz\u0131l\u0131m\u0131n iOS versiyonu i\u00e7in jailbreak gereklidir. \u015eayet iPhone\/iPad sahibi sistemi jailbreak yapt\u0131rm\u0131\u015fsa cihaza casus yaz\u0131l\u0131m, Android cihazlarla ayn\u0131 \u015fekilde girebilir. Jailbreak yoksa, korsan\u0131n cihaza fiziksel olarak eri\u015fip bizzat jailbreak yapmas\u0131 ve ard\u0131ndan FinSpy yaz\u0131l\u0131m\u0131n\u0131 y\u00fcklemesi gerekir.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-6140\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2019\/07\/17120942\/finspy-commercial-spyware-infographic-EN.png\" alt=\"\" width=\"1200\" height=\"1698\"><\/p>\n<h3>FinSpy casus yaz\u0131l\u0131m\u0131ndan nas\u0131l korunabiliriz<\/h3>\n<p>FinSpy ve benzer casus yaz\u0131l\u0131mlar\u0131n tuza\u011f\u0131na d\u00fc\u015fmemek i\u00e7in a\u015fa\u011f\u0131daki esaslara uyman\u0131z gerekir:<\/p>\n<ul>\n<li>E-posta, anl\u0131k mesaj ve metin mesajlar\u0131ndaki \u015f\u00fcpheli ba\u011flant\u0131lara t\u0131klamay\u0131n.<\/li>\n<li>Kritik verilere eri\u015fimi olan cihazlarda k\u00f6k eri\u015fimi (Android) almaya \u00e7al\u0131\u015fmay\u0131n veya jailbreak (iOS) yapt\u0131rmay\u0131n.<\/li>\n<li>Bu t\u00fcr tehditleri alg\u0131layabilen <a href=\"http:\/\/kas.pr\/kdkistr\" target=\"_blank\" rel=\"noopener\">g\u00fcvenilir bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc<\/a> kullan\u0131n; iPhone sahipleri, b\u00f6yle bir \u00e7\u00f6z\u00fcm\u00fcn iOS i\u00e7in ne yaz\u0131k ki mevcut olmad\u0131\u011f\u0131n\u0131 (<a href=\"https:\/\/www.kaspersky.com.tr\/blog\/ios-security-explainer\/5269\/\" target=\"_blank\" rel=\"noopener\">nedeni i\u00e7in t\u0131klay\u0131n<\/a>) unutmamal\u0131d\u0131r.<\/li>\n<\/ul>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kis-top3\">\n","protected":false},"excerpt":{"rendered":"<p>FinSpy, Android, iOS, Windows, macOS ve Linux i\u00e7in yasal olarak sat\u0131lan bir casus yaz\u0131l\u0131md\u0131r. Neler yapabilir ve kendinizi nas\u0131l savunabilirsiniz?<\/p>\n","protected":false},"author":2506,"featured_media":6139,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[105,1900,1956,750,665,1276,1465,531],"class_list":{"0":"post-6138","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-android","9":"tag-casus-yazilim","10":"tag-finspy","11":"tag-ios","12":"tag-mobil-cihazlar","13":"tag-root","14":"tag-telegram","15":"tag-whatsapp"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/finspy-commercial-spyware\/6138\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/finspy-commercial-spyware\/16160\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/finspy-commercial-spyware\/13666\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/finspy-commercial-spyware\/18053\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/finspy-commercial-spyware\/16189\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/finspy-commercial-spyware\/14942\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/finspy-commercial-spyware\/18869\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/finspy-commercial-spyware\/17615\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/finspy-commercial-spyware\/23082\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/finspy-commercial-spyware\/27606\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/finspy-commercial-spyware\/11963\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/finspy-commercial-spyware\/12074\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/finspy-commercial-spyware\/10971\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/finspy-commercial-spyware\/19721\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/finspy-commercial-spyware\/23625\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/finspy-commercial-spyware\/24022\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/finspy-commercial-spyware\/18666\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/finspy-commercial-spyware\/22974\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/finspy-commercial-spyware\/22913\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/casus-yazilim\/","name":"casus yaz\u0131l\u0131m"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6138","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2506"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=6138"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6138\/revisions"}],"predecessor-version":[{"id":6760,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6138\/revisions\/6760"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/6139"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=6138"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=6138"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=6138"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}