Cryptolocker ma\u011fduru binlerce ki\u015fi dosyalar\u0131n\u0131 kurtard\u0131
\nESET\u2019in yay\u0131nlad\u0131\u011f\u0131 TeslaCrypt \u015fifre \u00e7\u00f6z\u00fcc\u00fc,
\nd\u00fcnya \u00e7ap\u0131nda binlerce kez bilgisayarlara indirildi<\/p>\n
Cryptolocker ma\u011fduru binlerce ki\u015fi dosyalar\u0131n\u0131 kurtard\u0131<\/p>\n
<\/p>\n
ESET, en yayg\u0131n fidye yaz\u0131l\u0131m\u0131 t\u00fcr\u00fcnden biri olan TeslaCrypt\u2019in g\u00fcncel t\u00fcrevlerine kar\u015f\u0131 k\u0131sa s\u00fcre \u00f6nce bir \u015fifre \u00e7\u00f6z\u00fcc\u00fc (Decryptor) yay\u0131nlam\u0131\u015ft\u0131. B\u00fcy\u00fck ilgi g\u00f6ren bu \u015fifre \u00e7\u00f6z\u00fcc\u00fc iki hafta i\u00e7inde t\u00fcm d\u00fcnyada 32 bin kez indirilerek \u00e7al\u0131\u015ft\u0131r\u0131ld\u0131.<\/p>\n
ESET\u2019in yay\u0131nlad\u0131\u011f\u0131 TeslaCyrpt \u015fifre \u00e7\u00f6z\u00fcc\u00fcs\u00fc \u00f6zellikle ABD, Meksika, Japonya, Almanya, \u0130talya, Fransa ve \u0130spanya\u2019daki bilgisayar kullan\u0131c\u0131lar\u0131 taraf\u0131ndan yo\u011fun olarak indirildi. \u015eifre \u00e7\u00f6z\u00fcc\u00fcy\u00fc (Decryptor) indiren binlerce ki\u015finin \u015fifrelenmi\u015f dosyalar\u0131 yeniden kullan\u0131labilir hale geldi.<\/p>\n
Ancak TeslaCyrpt yaz\u0131l\u0131m\u0131n\u0131n sahay\u0131 terk etmesine ra\u011fmen, k\u00f6t\u00fc ama\u00e7l\u0131 \u015fifre-fidye yaz\u0131l\u0131mlar\u0131 (Cryptolocker) hala siber su\u00e7lar s\u0131ralamas\u0131nda pop\u00fcler yerini koruyor. Sistemleri \u00e7ok yo\u011fun \u015fekilde tehdit eden ve \u201cJS\/TrojanDownloader.Nemucod\u201c ile \u201cJS\/Danger.ScriptAttachment\u201c olarak etiketlenen zararl\u0131 yaz\u0131l\u0131mlar, etkilerini t\u00fcm d\u00fcnyadaki dijital sistemlere bula\u015ft\u0131rmak i\u00e7in s\u00fcrd\u00fcr\u00fcyorlar.<\/p>\n
Siber sald\u0131rganlar, s\u00f6z konusu yaz\u0131l\u0131mlar\u0131 kurbanlar\u0131n\u0131n bilgisayarlar\u0131na indirtebilmek i\u00e7in, bunlar\u0131 s\u00fcrekli kullan\u0131c\u0131lar\u0131n e-postalar\u0131na g\u00f6nderiyor ve zarars\u0131z yasal uygulamalar gibi g\u00f6r\u00fcnmesini sa\u011fl\u0131yor.<\/p>\n
Yeni \u015fifre yaz\u0131l\u0131mlar\u0131 t\u00fcremeye devam ediyor
\nESET\u2019in erken uyar\u0131 sistemi LiveGrid\u00ae istatistiklerine g\u00f6re, \u015fifre yaz\u0131l\u0131mlar\u0131 aras\u0131nda yayg\u0131nl\u0131k seviyesi art\u0131\u015f g\u00f6steren yeni bir oyuncu var. Ad\u0131 da \u201cWin32\/Filecoder.Crysis.\u201c<\/p>\n
Crysis, t\u0131pk\u0131 di\u011fer Cryptolocker tarz\u0131 yaz\u0131l\u0131mlar gibi yine kullan\u0131c\u0131lar\u0131n e-posta kutular\u0131na yasal gibi g\u00f6r\u00fcnen yaz\u0131lar ve ekli dosyalar halinde geliyor. Ancak di\u011fer \u015fifreleme yaz\u0131l\u0131mlar\u0131na g\u00f6re daha \u0131srarc\u0131 olarak tan\u0131mlanabilecek \u015fekilde davranan Crysis, sistemin y\u00f6netimini ele ge\u00e7iriyor. Y\u00f6netime eri\u015ftikten sonra, art\u0131k kullan\u0131lmayan dosya eklentileri dahil her\u015feyi \u015fifreleyerek, geriye sadece y\u00f6netim sistemini ve ula\u015f\u0131lamayan k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 b\u0131rak\u0131yor.<\/p>\n
\u015eifreleme bittikten sonra, masa\u00fcst\u00fcnde ya \u201cHow to decrypt your files.txt\u201c adl\u0131 bir dosya olu\u015fturuyor ya da \u201cDECRYPT.jpg\u201c ba\u015fl\u0131\u011f\u0131yla bir resim yerle\u015ftiriliyor. Bunlar\u0131n \u00fczerinde de ka\u00e7 para istenildi\u011fine dair fidye mesaj\u0131 yer al\u0131yor. Genellikle 400 ila 900 Euro para talep ediliyor.<\/p>\n
Sald\u0131r\u0131ya u\u011framadan dosyalar\u0131n\u0131z\u0131 yedekleyin!
\nBu tarz sald\u0131r\u0131lar\u0131n kurban\u0131 olmamak i\u00e7in bilgisayar, tablet ve cep telefonu kullan\u0131c\u0131lar\u0131; i\u015fletim sistem ve uygulamalar\u0131n\u0131 s\u00fcrekli olarak g\u00fcncel tutmal\u0131, \u00e7oklu koruma katmanlar\u0131na sahip g\u00fcvenlik \u00e7\u00f6z\u00fcmleri kullanmal\u0131 ve d\u00fczenli olarak \u00f6nemli verilerini \u00e7evrimd\u0131\u015f\u0131 (offline), \u00f6rne\u011fin harici bir sabit diske yedeklemeli. Ayr\u0131ca e-posta ile gelen veya web taray\u0131c\u0131da g\u00f6r\u00fclen linklere veya dosyalara t\u0131klarken dikkatli olunmal\u0131.<\/p>\n
ESET TeslaCrypt \u015eifre \u00c7\u00f6z\u00fcc\u00fc ile ilgili geli\u015fmeler ve Crysis yaz\u0131l\u0131m\u0131 konusuyla ilgili daha detayl\u0131 bilgi i\u00e7in \u015fu linki takip edebilirsiniz:
\nhttp:\/\/www.welivesecurity.com\/2016\/06\/07\/beyond-teslacrypt-crysis-family-lays-claim-parts-territory\/<\/p>\n
ESET TeslaCrypt \u015eifre \u00c7\u00f6z\u00fcc\u00fc\u2019ye ula\u015fmak i\u00e7in:
\nE\u011fer bilgisayar sisteminizdeki dosyalar\u0131n\u0131z k\u00f6t\u00fc \u00fcne sahip TeslaCrypt fidye yaz\u0131l\u0131m\u0131n\u0131n yeni t\u00fcrevleri (V3 veya V4) taraf\u0131ndan \u015fifrelendiyse ve \u015fifrelenmi\u015f dosyalar\u0131n\u0131z .xxx, .ttt, .micro, .mp3 gibi uzant\u0131lar ald\u0131ysa ESET\u2019in yaz\u0131l\u0131m\u0131 size yard\u0131mc\u0131 olabilir.<\/p>\n
Bu zararl\u0131 yaz\u0131l\u0131m ve t\u00fcrevleri taraf\u0131ndan \u015fifrelenmi\u015f t\u00fcm dosyalar\u0131 \u00e7\u00f6zebilen \u00fccretsiz \u015fifre \u00e7\u00f6zme arac\u0131na \u015fu linkten ula\u015fabilirsiniz:
\nhttp:\/\/download.eset.com\/special\/ESETTeslaCryptDecryptor.exe<\/p>\n
Bu arac\u0131 nas\u0131l kullanaca\u011f\u0131n\u0131z\u0131 \u00f6\u011frenmek i\u00e7in ESET\u2019in bu konudaki destek sayfas\u0131n\u0131 ziyaret edebilirsiniz. http:\/\/support.eset.com\/kb6051\/<\/p>\n
Ayr\u0131ca ESET T\u00fcrkiye 7\/24 Destek hatt\u0131 numaras\u0131 0850 221 3738\u2019i arayabilir veya destek@eset.com.tr adresine mesaj atabilirsiniz.<\/p>\n","protected":false},"excerpt":{"rendered":"
Cryptolocker ma\u011fduru binlerce ki\u015fi dosyalar\u0131n\u0131 kurtard\u0131 ESET\u2019in yay\u0131nlad\u0131\u011f\u0131 TeslaCrypt \u015fifre \u00e7\u00f6z\u00fcc\u00fc, d\u00fcnya \u00e7ap\u0131nda binlerce kez bilgisayarlara indirildi Cryptolocker ma\u011fduru binlerce ki\u015fi dosyalar\u0131n\u0131 kurtard\u0131<\/p>\n","protected":false},"author":2,"featured_media":884,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/posts\/858"}],"collection":[{"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/comments?post=858"}],"version-history":[{"count":2,"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/posts\/858\/revisions"}],"predecessor-version":[{"id":865,"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/posts\/858\/revisions\/865"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/media\/884"}],"wp:attachment":[{"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/media?parent=858"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/categories?post=858"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/burakcaliskan.org\/blog\/wp-json\/wp\/v2\/tags?post=858"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}