{"id":6411,"date":"2019-09-12T13:50:14","date_gmt":"2019-09-12T10:50:14","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=6411"},"modified":"2019-11-15T14:24:32","modified_gmt":"2019-11-15T11:24:32","slug":"malicious-websites-infect-iphones","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/malicious-websites-infect-iphones\/6411\/","title":{"rendered":"K\u00f6t\u00fc ama\u00e7l\u0131 bir internet sitesinden iPhone’uma vir\u00fcs bula\u015fabilir. Do\u011fru mu yanl\u0131\u015f m\u0131?"},"content":{"rendered":"

iPhone telefonlar\u0131n tehditlere kar\u015f\u0131 tamamen ba\u011f\u0131\u015f\u0131k oldu\u011fu fikri defalarca \u00e7\u00fcr\u00fct\u00fclm\u00fc\u015ft\u00fcr<\/a>. Do\u011frusu, her ne kadar Apple marka ak\u0131ll\u0131 telefonlar Android cihazlara k\u0131yasla daha k\u00fc\u00e7\u00fck bir hedef te\u015fkil etse de, sadece tehlikeli bir internet sitesi a\u00e7arak her t\u00fcrl\u00fc k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 haberiniz olmadan indirip y\u00fckleyebilece\u011finiz s\u00f6ylenir. Bu g\u00f6nderide bunun do\u011frulu\u011funu ara\u015ft\u0131raca\u011f\u0131z.<\/p>\n

Ger\u00e7ek: K\u00f6t\u00fc ama\u00e7l\u0131 internet siteleri, iPhone\u2019un g\u00fcvenlik mekanizmalar\u0131n\u0131 iki y\u0131ldan uzun s\u00fcredir k\u0131rmaktad\u0131r<\/h2>\n

Google\u2019\u0131n Zero Projesinde \u00e7al\u0131\u015fan ara\u015ft\u0131rmac\u0131lar, en az iki y\u0131ld\u0131r iPhone telefonlara sald\u0131ran birtak\u0131m hacklenmi\u015f internet siteleri ke\u015ffetti<\/a>. Bunun i\u00e7in sald\u0131rganlar, yedisi iPhone kullan\u0131c\u0131lar\u0131n\u0131n b\u00fcy\u00fck \u00e7o\u011funlu\u011funun taray\u0131c\u0131s\u0131 olan Safari\u2019de bulunan 14 adet yaz\u0131l\u0131m a\u00e7\u0131\u011f\u0131ndan yararland\u0131.<\/p>\n

Kalan yaz\u0131l\u0131m a\u00e7\u0131klar\u0131ndan ikisi, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n iOS\u2019un bir uygulaman\u0131n di\u011fer uygulamalar\u0131n verilerine eri\u015fmesini (ve tabii ki de\u011fi\u015ftirmesini) \u00f6nlemek i\u00e7in kulland\u0131\u011f\u0131 sandbox\u2019tan ka\u00e7mas\u0131na izin verdi. Di\u011fer be\u015fi de, iOS i\u015fletim sisteminin merkezi bile\u015feni olan \u00e7ekirde\u011fini etkiledi. \u00c7ekirde\u011fin k\u0131r\u0131lmas\u0131, sald\u0131rgana iPhone sahibinde dahi bulunmayan k\u00f6k eri\u015fim ayr\u0131cal\u0131klar\u0131 verir.<\/p>\n

S\u00f6z konusu k\u00f6t\u00fc ama\u00e7l\u0131 internet siteleri, iOS 10\u2019dan iOS 12\u2019ye kadar Apple\u2019\u0131n mobil i\u015fletim sisteminin t\u00fcm g\u00fcncel s\u00fcr\u00fcmlerine sald\u0131rabiliyordu. Sald\u0131rganlar, g\u00fcncellemeler kar\u015f\u0131s\u0131nda stratejilerini de\u011fi\u015ftirerek, \u00e7abalar\u0131n\u0131 tamamen yeni sistem a\u00e7\u0131klar\u0131na y\u00f6neltti.<\/p>\n

Etkilenen iPhone telefonlara ne t\u00fcr k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m y\u00fcklenmi\u015f<\/h3>\n

Vir\u00fcsl\u00fc internet siteleri, ma\u011fdurlar\u0131n cihazlar\u0131na casus yaz\u0131l\u0131m y\u00fckleyebilmi\u015f, b\u00f6ylelikle s\u0131n\u0131rs\u0131z eri\u015fim ayr\u0131cal\u0131klar\u0131 elde etmi\u015f ve kullan\u0131c\u0131lar\u0131n fark etmeyece\u011fi \u015fekilde arka planda \u00e7al\u0131\u015fm\u0131\u015ft\u0131r. Bunun \u00fczerine, abart\u0131s\u0131z her dakika, cihazdan veri ay\u0131klar bir komut denetim sunucusuna g\u00f6nderirdi. Casus yaz\u0131l\u0131m, a\u011f\u0131rl\u0131kl\u0131 olarak a\u015fa\u011f\u0131dakilerle ilgilenmi\u015ftir:<\/p>\n