{"id":9515,"date":"2021-04-13T11:29:07","date_gmt":"2021-04-13T08:29:07","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=9515"},"modified":"2021-09-17T19:54:33","modified_gmt":"2021-09-17T16:54:33","slug":"infected-apkpure","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/infected-apkpure\/9515\/","title":{"rendered":"K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bula\u015fan Android uygulama ma\u011fazas\u0131"},"content":{"rendered":"

K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m y\u00fckleme olas\u0131l\u0131\u011f\u0131n\u0131z\u0131 azaltmak i\u00e7in uygulamalar\u0131 her zaman yaln\u0131zca resmi ma\u011fazalardan indirmenizi \u00f6neriyoruz<\/a>. Bunun yan\u0131nda resmi olmayan ma\u011fazalar yaln\u0131zca k\u00f6t\u00fc ama\u00e7l\u0131 uygulamalar\u0131 bar\u0131nd\u0131rmakla kalmaz, ayn\u0131 zamanda kendileri de hi\u00e7 g\u00fcvenli olmayabilir. Yak\u0131n zamanda yap\u0131lan bir incelemenin<\/a> sonucunda, Android uygulamalar\u0131 i\u00e7in pop\u00fcler bir alternatif kaynak olan APKPure\u2019a Truva At\u0131 bula\u015ft\u0131\u011f\u0131n\u0131 ve ba\u015fka Truva atlar\u0131 da\u011f\u0131tt\u0131\u011f\u0131n\u0131 bildirmekten \u00fcz\u00fcnt\u00fc duyuyoruz.<\/p>\n

APKPure ne i\u015fe yar\u0131yor?<\/h2>\n

T\u00fcm Android uygulama ma\u011fazalar\u0131n\u0131n i\u00e7inde en resmi olan\u0131 elbette Google Play. Ancak yaln\u0131zca Google Mobil Hizmetlerini (GMS) kullanan ve s\u0131k\u0131 \u015fekilde Google\u2019\u0131n altyap\u0131s\u0131na ba\u011fl\u0131 kalan cihazlarda kullan\u0131labilir. Baz\u0131 sa\u011flay\u0131c\u0131lar Google\u2019a ba\u011f\u0131ml\u0131 olmamak i\u00e7in GMS kitapl\u0131klar\u0131n\u0131 kullanmaz ve Android a\u00e7\u0131k bir i\u015fletim sistemi oldu\u011fu i\u00e7in bunu yapmalar\u0131 m\u00fcmk\u00fcnd\u00fcr.<\/p>\n

Kullan\u0131c\u0131lar a\u00e7\u0131s\u0131ndan bunun hem avantajlar\u0131 hem de dezavantajlar\u0131 var. Android kullan\u0131c\u0131lar\u0131n\u0131n normal uygulamalar\u0131 indirebildi\u011fi Google\u2019\u0131n uygulama ma\u011fazas\u0131na eri\u015fimin kaybedilmesi \u00f6nemli bir dezavantajd\u0131r.<\/p>\n

Alternatif ma\u011fazalar\u0131n devreye girdi\u011fi yer buras\u0131d\u0131r ve APKPure da bu ma\u011fazalardan biri. Di\u011fer uygulama ma\u011fazalar\u0131ndan farkl\u0131 olarak, yaln\u0131zca \u00fccretsiz veya payla\u015f\u0131lan yaz\u0131l\u0131m (shareware) \u015feklindeki uygulamalar\u0131 bar\u0131nd\u0131r\u0131yor. Ayr\u0131ca APKPure\u2019un sahipleri, ma\u011fazalar\u0131ndaki t\u00fcm uygulamalar\u0131n Google taraf\u0131ndan tarand\u0131\u011f\u0131na ve tamamen g\u00fcvenli oldu\u011funa vurgu yap\u0131yor;<\/a> uygulamalar\u0131n Google Play\u2019dekilerle tamamen ayn\u0131 oldu\u011funu s\u00f6yl\u00fcyorlar.<\/p>\n

Peki APKPure\u2019da ne oldu?<\/h2>\n

Ma\u011fazadaki uygulamalar t\u00fcm testleri ge\u00e7mi\u015f olabilir, ancak APKPure uygulamas\u0131 bu testlerden ge\u00e7memi\u015f. Bu olay, uygulama geli\u015ftiricilerinin, daha sonra k\u00f6t\u00fc niyetli oldu\u011fu ortaya \u00e7\u0131kan, do\u011frulanmam\u0131\u015f bir kayna\u011fa ait reklam SDK\u2019s\u0131<\/a> kulland\u0131\u011f\u0131 CamScanner olay\u0131n\u0131<\/a> ak\u0131llara getiriyor. APKPure\u2019a da k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bu \u015fekilde girdi.<\/p>\n

G\u00f6r\u00fcn\u00fc\u015fe g\u00f6re APKPure s\u00fcr\u00fcm 3.17.18, Kaspersky \u00e7\u00f6z\u00fcmlerinin HEUR: Trojan-Dropper.AndroidOS.Triada.ap olarak alg\u0131lad\u0131\u011f\u0131, g\u00f6m\u00fcl\u00fc bir Truva at\u0131 dropper\u2019\u0131na<\/a> (dosya y\u00fckleyici) sahip bir reklam SDK\u2019s\u0131 ile donat\u0131lm\u0131\u015ft\u0131. Uygulama ba\u015flat\u0131ld\u0131\u011f\u0131nda, y\u00fckl\u00fc olan Truva at\u0131n\u0131<\/a> a\u00e7ar ve \u00e7al\u0131\u015ft\u0131r\u0131r, ki tehlikeli olan k\u0131s\u0131m da bu. Bu bile\u015fen birka\u00e7 \u015fey yapabilir: kilit ekran\u0131nda reklam g\u00f6sterir; taray\u0131c\u0131 sekmeleri a\u00e7ar; cihaz hakk\u0131nda bilgi toplar; ve en tats\u0131z olan\u0131, di\u011fer k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 indirir.<\/p>\n

APKPure y\u00fckl\u00fc bir cihaz\u0131n ba\u015f\u0131na neler gelebilir?<\/h2>\n

Hangi Truva at\u0131n\u0131n indirilece\u011fi (APKPure\u2019da yerle\u015fik olan\u0131na ek olarak), cihaz\u0131n Android s\u00fcr\u00fcm\u00fcn\u00fcn yan\u0131 s\u0131ra ak\u0131ll\u0131 telefon sa\u011flay\u0131c\u0131s\u0131n\u0131n g\u00fcvenlik g\u00fcncellemelerini ne kadar d\u00fczenli yay\u0131nlad\u0131\u011f\u0131na ve kullan\u0131c\u0131n\u0131n bunlar\u0131 y\u00fckleyip y\u00fcklemedi\u011fine ba\u011fl\u0131d\u0131r.<\/p>\n

Kullan\u0131c\u0131, i\u015fletim sisteminin g\u00f6rece yeni bir s\u00fcr\u00fcm\u00fcne sahipse, yani Android 8 veya \u00fcst\u00fc, ki bu da root (k\u00f6k eri\u015fimi) izinlerini<\/a> rastgele vermez, dropper Triada Truva At\u0131 i\u00e7in ek mod\u00fcller<\/a> y\u00fckler. Bu mod\u00fcller, sayd\u0131\u011f\u0131m\u0131z di\u011fer \u015feylerin yan\u0131 s\u0131ra, \u00fccretli abonelikler sat\u0131n alabilir ve ba\u015fka k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 indirebilir.<\/p>\n

Cihaz daha eskiyse, Android 6 veya 7 \u00e7al\u0131\u015ft\u0131r\u0131yorsa ve g\u00fcvenlik g\u00fcncellemeleri y\u00fcklenmemi\u015fse (veya baz\u0131 durumlarda sa\u011flay\u0131c\u0131 taraf\u0131ndan bile yay\u0131nlanmam\u0131\u015fsa) ve bu nedenle hala root edilebiliyorsa, bu durumda y\u00fcklenecek k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m xHelper Truva At\u0131 olabilir<\/a>. Bu canavar\u0131 yok etmek olduk\u00e7a zor; fabrika ayarlar\u0131na d\u00f6nd\u00fcrmek bile bunu ba\u015faramaz. Root eri\u015fimi ile donanm\u0131\u015f xHelper, sald\u0131rganlar\u0131n cihazda neredeyse istedikleri her \u015feyi yapmalar\u0131na izin verir.<\/p>\n

Peki art\u0131k APKPure g\u00fcvenli mi?<\/h2>\n

8 Nisan\u2019da, konu hakk\u0131nda APKPure\u2019u bilgilendirdik. 9 Nisan\u2019da, APKPure temsilcileri sorunu g\u00f6rd\u00fcklerini ve d\u00fczeltme \u00fczerinde \u00e7al\u0131\u015ft\u0131klar\u0131n\u0131 s\u00f6ylediler. Bundan k\u0131sa bir s\u00fcre sonra, APKPure web sitesinde yeni bir s\u00fcr\u00fcm (3.17.19) \u00e7\u0131kt\u0131. G\u00fcncellemede yer alan a\u00e7\u0131klamaya<\/a> g\u00f6re, \u201cAPKPure\u2019u daha g\u00fcvenli bir hale getiren potansiyel bir g\u00fcvenlik sorunu d\u00fczeltildi.\u201d<\/p>\n

Sorunun ger\u00e7ekten \u00e7\u00f6z\u00fcld\u00fc\u011f\u00fcn\u00fc do\u011frulayabiliriz: APKPure 3.17.19, k\u00f6t\u00fc ama\u00e7l\u0131 bile\u015fen i\u00e7ermiyor. G\u00fcvenle kullan\u0131labilir.<\/p>\n

Truva At\u0131na sahip APKPure\u2019a kar\u015f\u0131 kendinizi nas\u0131l korursunuz?<\/h2>\n

APKPure kullanm\u0131yorsan\u0131z endi\u015felenmenize gerek yok \u2014 bug\u00fcn\u00fcn konusu olan sorun sizi ilgilendirmiyor. Ancak gelecekte kar\u015f\u0131la\u015f\u0131labilecek benzer sorunlardan ka\u00e7\u0131nmak i\u00e7in \u015funlar yap\u0131n:<\/p>\n