{"id":9164,"date":"2021-01-06T11:45:30","date_gmt":"2021-01-06T08:45:30","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=9164"},"modified":"2021-01-06T11:45:30","modified_gmt":"2021-01-06T08:45:30","slug":"chrome-plugins-alert","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/chrome-plugins-alert\/9164\/","title":{"rendered":"Tehlikeli Chrome uzant\u0131lar\u0131"},"content":{"rendered":"<p>\u00c7\u00f6z\u00fcmlerimiz ge\u00e7ti\u011fimiz g\u00fcnlerde bir\u00e7ok Google Chrome kullan\u0131c\u0131s\u0131na birka\u00e7 saniyelik aral\u0131klarla arka arkaya tehdit uyar\u0131lar\u0131 vermeye ba\u015flad\u0131. Tehdidin kayna\u011f\u0131, Chrome\u2019un \u00fc\u00e7\u00fcnc\u00fc taraf bir siteden indirmeye \u00e7al\u0131\u015ft\u0131\u011f\u0131 Trojan.Multi.Preqw.gen olarak belirlendi. Sorunun neden kaynakland\u0131\u011f\u0131n\u0131, nas\u0131l \u00e7\u00f6z\u00fclece\u011fini ve bu konuda neler yap\u0131laca\u011f\u0131n\u0131 a\u00e7\u0131kl\u0131yoruz.<\/p>\n<h2>K\u00f6t\u00fc ama\u00e7l\u0131 uzant\u0131lar<\/h2>\n<p>Uzmanlar\u0131m\u0131z, Yandex\u2019deki meslekta\u015flar\u0131 ile i\u015fbirli\u011fi yaparak baz\u0131 hackerlar\u0131n yirmiden fazla taray\u0131c\u0131 uzant\u0131s\u0131n\u0131 istismar etti\u011fini ve Chrome\u2019u kullan\u0131c\u0131lar\u0131n bilgisayarlar\u0131nda kendi ama\u00e7lar\u0131 i\u00e7in \u00e7al\u0131\u015ft\u0131rd\u0131klar\u0131n\u0131 ke\u015ffetti. K\u00f6t\u00fc ama\u00e7l\u0131 i\u015fler yapt\u0131r\u0131lan uzant\u0131lar aras\u0131nda Frigate Light, Frigate CDN ve SaveFrom gibi olduk\u00e7a pop\u00fcler uzant\u0131lar da vard\u0131.<\/p>\n<p>Sekiz milyondan fazla kullan\u0131c\u0131n\u0131n taray\u0131c\u0131s\u0131na y\u00fcklenen bu uzant\u0131lar, arka planda uzak bir sunucuya eri\u015ferek k\u00f6t\u00fc ama\u00e7l\u0131 bir kod indirmeye \u00e7al\u0131\u015f\u0131yordu ve g\u00fcvenlik \u00e7\u00f6z\u00fcmlerimiz bu i\u015flemi tehlikeli olarak alg\u0131l\u0131yordu.<\/p>\n<h2>Sald\u0131rganlar ne yapmaya \u00e7al\u0131\u015f\u0131yordu ve kullan\u0131c\u0131lar ne t\u00fcr bir tehditle kar\u015f\u0131 kar\u015f\u0131yayd\u0131?<\/h2>\n<p>Sald\u0131rganlar, videolara trafik olu\u015fturmakla ilgileniyordu. Ba\u015fka bir deyi\u015fle uzant\u0131lar, kullan\u0131c\u0131lar\u0131n taray\u0131c\u0131lar\u0131nda belirli videolar\u0131 gizlice oynatarak video sitelerindeki g\u00f6r\u00fcnt\u00fcleme say\u0131lar\u0131n\u0131 art\u0131r\u0131yordu.<\/p>\n<p>G\u00f6r\u00fcnmez video oynat\u0131c\u0131 yaln\u0131zca kullan\u0131c\u0131 ger\u00e7ekten taray\u0131c\u0131y\u0131 kullan\u0131rken etkinle\u015ftiriliyordu, b\u00f6ylece bilgisayar\u0131n ka\u00e7\u0131n\u0131lmaz yava\u015flamas\u0131, Chrome\u2019un y\u00fck alt\u0131ndayken g\u00f6sterdi\u011fi ola\u011fan gecikmeye ba\u011flanabiliyordu.<\/p>\n<p><a href=\"https:\/\/habr.com\/en\/company\/yandex\/blog\/534586\/\" target=\"_blank\" rel=\"noopener nofollow\">Yandex\u2019teki meslekta\u015flar\u0131m\u0131za g\u00f6re<\/a>, baz\u0131 uzant\u0131lar\u0131n kullan\u0131c\u0131lar\u0131 bazen arka planda oynat\u0131lan videolar\u0131n sesini duyabiliyordu.<\/p>\n<p>K\u00f6t\u00fc ama\u00e7l\u0131 eklentiler, t\u00fcm bunlara ek olarak bir sosyal a\u011fa eri\u015fime de m\u00fcdahale ediyordu; muhtemelen daha sonra be\u011feni say\u0131s\u0131 y\u00fckseltmeyi hedefliyorlard\u0131. Ne ama\u00e7la olursa olsun, kimse sosyal medya hesab\u0131na s\u0131z\u0131lmas\u0131n\u0131 istemez.<\/p>\n<h2>Ne yap\u0131labilir?<\/h2>\n<p>G\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fcn\u00fcz Google Chrome veya ba\u015fka herhangi bir <a href=\"https:\/\/tr.wikipedia.org\/wiki\/Chromium\" target=\"_blank\" rel=\"noopener nofollow\">Chromium<\/a> tabanl\u0131 taray\u0131c\u0131dan gelen tehditleri alg\u0131lamaya ba\u015flarsa yapman\u0131z gereken ilk \u015fey, k\u00f6t\u00fc ama\u00e7l\u0131 eklentileri devre d\u0131\u015f\u0131 b\u0131rakmak. Aksi takdirde g\u00fcvenlik uygulamas\u0131 bunlara tepki g\u00f6sterece\u011fi i\u00e7in arka arkaya alaca\u011f\u0131n\u0131z bildirimler \u00e7al\u0131\u015fman\u0131z\u0131 aksatabilir. Hangi eklentilerin tehlikeli oldu\u011fundan emin de\u011filseniz her birini tek tek devre d\u0131\u015f\u0131 b\u0131rakarak do\u011fru eklentiyi\/eklentileri bulmaya \u00e7al\u0131\u015f\u0131n.<\/p>\n<p>Yandex, (Chromium tabanl\u0131 olan) Yandex.Browser\u2019da baz\u0131 eklentileri otomatik olarak devre d\u0131\u015f\u0131 b\u0131rakt\u0131 ve tehdit olu\u015fturabilecek ba\u015fka eklentileri aramaya devam ediyor.<\/p>\n<p>Hen\u00fcz Kaspersky \u00fcr\u00fcnlerini kullanm\u0131yor, ancak bilgisayar\u0131n\u0131zda tehlikeli bir uygulama oldu\u011fundan \u015f\u00fcpheleniyorsan\u0131z <a href=\"https:\/\/www.kaspersky.com.tr\/advert\/security-cloud?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____ksc___\" target=\"_blank\" rel=\"noopener\">ev kullan\u0131c\u0131lar\u0131na y\u00f6nelik \u00e7\u00f6z\u00fcmlerimizden birini<\/a> y\u00fckleyebilirsiniz. Yaln\u0131zca \u015f\u00fcphe duydu\u011funuz durumlarda de\u011fil, her hal\u00fckarda bu \u00e7\u00f6z\u00fcmleri kullanman\u0131z mant\u0131kl\u0131 olacakt\u0131r.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"ksc\">\n","protected":false},"excerpt":{"rendered":"<p>Birileri g\u00f6r\u00fcnt\u00fcleme say\u0131lar\u0131n\u0131 art\u0131rmak i\u00e7in Google Chrome uzant\u0131lar\u0131n\u0131 kullanarak kullan\u0131c\u0131lar\u0131n taray\u0131c\u0131lar\u0131nda gizlice video oynatmaya \u00e7al\u0131\u015ft\u0131.<\/p>\n","protected":false},"author":2581,"featured_media":9165,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1287,1351],"tags":[16,1551,803,1750],"class_list":{"0":"post-9164","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-chrome","10":"tag-tarayici","11":"tag-tarayici-eklentisi","12":"tag-uzantilar"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/chrome-plugins-alert\/9164\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/chrome-plugins-alert\/22355\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/chrome-plugins-alert\/17847\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/chrome-plugins-alert\/24029\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/chrome-plugins-alert\/22115\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/chrome-plugins-alert\/20790\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/chrome-plugins-alert\/24464\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/chrome-plugins-alert\/23643\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/chrome-plugins-alert\/29889\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/chrome-plugins-alert\/38242\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/chrome-plugins-alert\/16182\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/chrome-plugins-alert\/16778\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/chrome-plugins-alert\/14330\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/chrome-plugins-alert\/26002\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/chrome-plugins-alert\/29814\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/chrome-plugins-alert\/26546\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/chrome-plugins-alert\/23414\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/chrome-plugins-alert\/28720\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/chrome-plugins-alert\/28531\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/tarayici-eklentisi\/","name":"taray\u0131c\u0131 eklentisi"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/9164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=9164"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/9164\/revisions"}],"predecessor-version":[{"id":9169,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/9164\/revisions\/9169"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/9165"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=9164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=9164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=9164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}