{"id":4928,"date":"2015-10-07T14:42:08","date_gmt":"2015-10-07T14:42:08","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=4928"},"modified":"2015-10-07T14:42:08","modified_gmt":"2015-10-07T14:42:08","slug":"yeni-ios-kotu-amacli-yazilimi-yispecter-tum-iphonelari-etkiliyor","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/yeni-ios-kotu-amacli-yazilimi-yispecter-tum-iphonelari-etkiliyor\/","title":{"rendered":"Yeni iOS K\u00f6t\u00fc Ama\u00e7l\u0131 Yaz\u0131l\u0131m\u0131 YiSpecter T\u00fcm iPhonelar\u0131 Etkiliyor"},"content":{"rendered":"

G\u00fcvenli bir i\u015fletim sistemi oldu\u011fu d\u00fc\u015f\u00fcn\u00fclen Apple\u2019\u0131n bu konudaki itibar\u0131 son birka\u00e7 ayd\u0131r sars\u0131l\u0131yor. Jailbreak edilmi\u015f telefonlara ve iOS uygulamalar\u0131n\u0131n temelini olu\u015fturan XCode\u2019a k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bula\u015fmas\u0131na s\u0131k s\u0131k rastlan\u0131r oldu. Palo Alto Networks\u2019teki g\u00fcvenlik uzmanlar\u0131 \u015fimdi de YiSpecter<\/strong> adl\u0131 yeni bir iOS k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n\u0131n ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 s\u00f6yl\u00fcyor. Bu yeni k\u00f6t\u00fc niyetli iOS yaz\u0131l\u0131m\u0131 hem jailbreak edilmi\u015f hem de iOS cihazlar\u0131na bula\u015fmas\u0131 anlam\u0131nda \u00e7ok farkl\u0131. Bu da bir iPhone\u2019a sahip olan herkesin risk alt\u0131nda oldu\u011fu anlam\u0131na geliyor. Yaz\u0131l\u0131m iOS\u2019taki \u00f6zel API\u2019lar\u0131 istismar ederek cihaza bula\u015f\u0131yor.<\/span><\/p>\n

An itibar\u0131yla yaln\u0131zca \u00c7in<\/strong> ve Tayvan<\/strong>\u2019daki kullan\u0131c\u0131lar\u0131n bu yaz\u0131l\u0131ma hedef olmu\u015f durumda. Onun d\u0131\u015f\u0131nda ba\u015fka bir yerde ba\u015fka bir k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m raporu mevcut de\u011fil. Yaz\u0131l\u0131m \u00fclke \u00e7ap\u0131ndaki ISP trafi\u011fini ele ge\u00e7irmek, Windows\u2019taki bir SNS wormu vas\u0131tas\u0131yla bula\u015fmak ve offline uygulama kurulumu gibi yollarla yay\u0131l\u0131yor. \u0130lgin\u00e7 olansa \u015fu ki, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m 10 ayd\u0131r dola\u015f\u0131mda ve kullan\u0131c\u0131lar bu durumu Apple\u2019a \u00e7oktan rapor etmi\u015fti.<\/span><\/p>\n

YiSpecter d\u00f6rt farkl\u0131 bile\u015fenden olu\u015fuyor. Bu bile\u015fenler \u00f6zel APIlar\u0131 istismar ederek bir komuta ve kontrol (C2) sunucusundan birbirini indirip y\u00fckl\u00fcyor. Bu k\u00f6t\u00fc ama\u00e7l\u0131 bile\u015fenlerin \u00fc\u00e7\u00fc ikonlar\u0131n\u0131 \u00e7e\u015fitli hilelerle iOS\u2019un SpringBoard\u2019undan saklamay\u0131 ba\u015far\u0131yor, b\u00f6ylece kullan\u0131c\u0131 bu bile\u015fenleri bulup silemiyor. Bile\u015fenler ayn\u0131 zamanda ayn\u0131 sistem uygulamas\u0131 ad\u0131n\u0131 ve logosunu kullanarak iOS kullan\u0131c\u0131lar\u0131n\u0131 kand\u0131r\u0131yor.<\/span><\/p>\n

\"yispecter<\/a><\/span><\/p>\n

YiSpecter bula\u015ft\u0131\u011f\u0131 iOS cihazlar\u0131na rastgele iOS uygulamalar\u0131 indirip, kurup, \u00e7al\u0131\u015ft\u0131rabiliyor, mevcut uygulamalar\u0131n yerine indirdi\u011fi uygulamalar\u0131 koyabiliyor, di\u011fer uygulamalar\u0131 ele ge\u00e7irip reklam g\u00f6sterebiliyor, Safari\u2019nin varsay\u0131lan arama motorunu, s\u0131k kullan\u0131lan sayfalar\u0131 ve daha \u00f6nceden a\u00e7\u0131lm\u0131\u015f sayfalar\u0131 de\u011fi\u015ftirebiliyor ve cihaz bilgisini C2 sunucusuna y\u00fckleyebiliyor. YiSpecterzedelerin raporlar\u0131na g\u00f6re son birka\u00e7 ayda g\u00f6r\u00fclen YiSpecter sald\u0131r\u0131lar\u0131n\u0131n hepsinde bu davran\u0131\u015flar g\u00f6r\u00fcl\u00fcyor. Bu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n di\u011fer \u00f6zellikleri aras\u0131nda \u015funlar var:<\/span><\/p>\n

– iPhone jailbreak edilmi\u015f olsun ya da olmas\u0131n, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m kolayca indirilebiliyor ve kurulabiliyor<\/span><\/p>\n

– Yaz\u0131l\u0131m\u0131 elle silseniz bile otomatik olarak yeniden ortaya \u00e7\u0131k\u0131yor<\/span><\/p>\n

– Yaz\u0131l\u0131m\u0131n bula\u015ft\u0131\u011f\u0131 telefonlarda \u00fc\u00e7\u00fcnc\u00fc taraf ara\u00e7lar\u0131 kullanarak fazladan baz\u0131 ilgin\u00e7 \u201csistem uygulamalar\u0131\u201d bulabiliyorsunuz<\/span><\/p>\n

– Yaz\u0131l\u0131m\u0131n bula\u015ft\u0131\u011f\u0131 telefonlarda bazen kullan\u0131c\u0131 normal bir uygulamay\u0131 a\u00e7t\u0131\u011f\u0131nda kar\u015f\u0131s\u0131na tam sayfa bir reklam \u00e7\u0131k\u0131yor<\/span><\/p>\n

Palo Alto Networks YiSpecter\u2019\u0131n dola\u015f\u0131m\u0131n\u0131 engellemek i\u00e7in IPS ve DNS imzalar\u0131 yay\u0131nlad\u0131. Buradaki \u00f6nemli soru ise \u015fu: \u00c7in ve Tayvan\u2019daki kullan\u0131c\u0131lar\u0131n bu sorunu online forumlarda tart\u0131\u015f\u0131p konuyu Apple\u2019a rapor etmelerine ra\u011fmen Apple neden hala sorunu gidermedi? Apple normalde g\u00fcvenlik sorunlar\u0131n\u0131 \u00e7ok h\u0131zl\u0131 bir \u015fekilde \u00e7\u00f6zmesiyle bilinir ama bu sorun 10 ayd\u0131r devam ediyor.\u00a0 YiSpecter \u015fu ana kadar ba\u015fka bir yerde tespit edilmi\u015f de\u011fil ama yine de kullan\u0131c\u0131lar hala risk alt\u0131nda.<\/span><\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

G\u00fcvenli bir i\u015fletim sistemi oldu\u011fu d\u00fc\u015f\u00fcn\u00fclen Apple\u2019\u0131n bu konudaki itibar\u0131 son birka\u00e7 ayd\u0131r sars\u0131l\u0131yor. Jailbreak edilmi\u015f telefonlara ve iOS uygulamalar\u0131n\u0131n temelini olu\u015fturan…<\/p>\n","protected":false},"author":3,"featured_media":4931,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4928","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4928","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=4928"}],"version-history":[{"count":4,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4928\/revisions"}],"predecessor-version":[{"id":4934,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/4928\/revisions\/4934"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/4931"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=4928"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=4928"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=4928"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}