{"id":5133,"date":"2015-10-21T10:43:23","date_gmt":"2015-10-21T10:43:23","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=5133"},"modified":"2015-10-21T10:43:23","modified_gmt":"2015-10-21T10:43:23","slug":"binlerce-magento-sayfasi-malware-yayilimi-icin-kullanildi","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/binlerce-magento-sayfasi-malware-yayilimi-icin-kullanildi\/","title":{"rendered":"Thousands of Magento pages used to spread malware"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">Thousands of sites running eBay&#8217;s <strong>Magento e-commerce platform<\/strong> spread malware far and wide last week.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">According to experts, the attackers exploited a vulnerability in the Magento platform to break into <strong>sites built on Magento<\/strong> and used malicious scripts to create various iframes. 
In this attack, which according to Google Safe Browsing <strong>affected more than 8000 domains<\/strong>, these iframes redirected visitors to the desired domain, and users&#8217; computers were compromised that way.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The page that visitors were redirected to exploited a <strong>Flash Player vulnerability<\/strong> to deliver the Andromeda\/Gamarue malware, and financial information was stolen from the computers that way.<\/span><\/p>\n<p><a href=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/magento-2.gif\" data-rel=\"penci-gallery-image-content\" ><img decoding=\"async\" class=\"aligncenter size-full wp-image-5138\" src=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2015\/10\/magento-2.gif\" alt=\"magento-2\" width=\"670\" height=\"175\" \/><\/a><\/p>\n<p><span style=\"font-size: 14pt;\">Owners of Magento-based sites can <strong>tell whether they have been affected<\/strong> by checking the design\/footer\/absolute_footer entry in the &#8220;core_config_data&#8221; table. However, the injected script can sometimes behave differently, so all administrators are advised to search their databases for strings such as \u201cguruincsite\u201d and \u201cfunction LCWEHH(XHFER1){XHFER1=XHFER1\u201d.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">It was reported that the vulnerability in Magento sites stems from a &#8220;zero-day directory traversal flaw&#8221; <strong>in Magmi<\/strong>.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The sad part, however, is that this is not the first time Magento has faced vulnerabilities like this. 
A vulnerability disclosed <strong>last April<\/strong> turned out to have been used in attacks within 24 hours, and many site owners were affected then as well.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Thousands of sites running eBay&#8217;s Magento e-commerce platform spread malware far and wide last week. According to experts, attackers exploiting a vulnerability in the Magento platform&hellip;<\/p>\n","protected":false},"author":3,"featured_media":5137,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5133","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5133","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5133"}],"version-history":[{"count":4,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5133\/revisions"}],"predecessor-version":[{"id":5150,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5133\/revisions\/5150"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/5137"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5133"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5133"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5133"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}