{"id":12239,"date":"2023-06-08T11:00:00","date_gmt":"2023-06-08T08:00:00","guid":{"rendered":"https:\/\/rockvell.com\/?p=12239"},"modified":"2023-06-08T14:33:43","modified_gmt":"2023-06-08T11:33:43","slug":"kaspersky-ios-cihazlarina-h%c9%99d%c9%99fli-hucumlarla-bagli-m%c9%99lumat-verir","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=12239","title":{"rendered":"Kaspersky iOS cihazlar\u0131na h\u0259d\u0259fli h\u00fccumlarla ba\u011fl\u0131 m\u0259lumat verir"},"content":{"rendered":"\n

Kaspersky iOS cihazlar\u0131na h\u0259d\u0259fli h\u00fccumlarla ba\u011fl\u0131 m\u0259lumat verir<\/strong><\/p>\n\n\n\n

Kaspersky t\u0259dqiqat\u00e7\u0131lar\u0131 iOS cihazlar\u0131na h\u00fccum ed\u0259n, \u0259vv\u0259ll\u0259r m\u0259lum olmayan z\u0259r\u0259rli proqram a\u015fkar edibl\u0259r. Bunlar \u201cTriangulyasiya\u201d \u0259m\u0259liyyat\u0131 (Operation Triangulation) adland\u0131r\u0131lan APT kampaniyas\u0131 \u00e7\u0259r\u00e7iv\u0259sind\u0259 h\u0259yata ke\u00e7iril\u0259n h\u0259d\u0259fli h\u00fccumlard\u0131r. Z\u0259r\u0259rli proqram gizli yolla iMessage mesaj\u0131nda g\u00f6nd\u0259ril\u0259n eksploytdan istifad\u0259 ed\u0259r\u0259k qurbanlar\u0131n cihazlar\u0131na s\u0131z\u0131r, bundan sonra i\u015f\u0259 sal\u0131n\u0131r, n\u0259tic\u0259d\u0259 cihaz v\u0259 istifad\u0259\u00e7i m\u0259lumatlar\u0131na tam n\u0259zar\u0259ti \u0259l\u0259 ke\u00e7irir. T\u0259cav\u00fczkarlar\u0131n bu h\u00fccumu t\u0259\u015fkil etm\u0259kd\u0259 \u0259sas m\u0259qs\u0259di casusluqdur.<\/p>\n\n\n

\n
\"\"<\/figure><\/div>\n\n\n

H\u00fccum Kaspersky m\u00fct\u0259x\u0259ssisl\u0259ri t\u0259r\u0259find\u0259n Kaspersky Unified Monitoring and Analysis Platform (KUMA)-n\u0131n SIEM sistemi say\u0259sind\u0259 \u015f\u0259xsi korporativ Wi-Fi \u015f\u0259b\u0259k\u0259sind\u0259n \u0259ld\u0259 olunan \u015f\u0259b\u0259k\u0259 trafikinin t\u0259hlili zaman\u0131 a\u015fkar edilib. Sonrak\u0131 ara\u015fd\u0131rmalar g\u00f6st\u0259rib ki, t\u0259cav\u00fczkarlar onlarla Kaspersky \u0259m\u0259kda\u015f\u0131n\u0131n h\u0259min \u015f\u0259b\u0259k\u0259y\u0259 qo\u015fulmu\u015f iOS cihazlar\u0131na h\u00fccum edibl\u0259r. Hadis\u0259nin ara\u015fd\u0131r\u0131lmas\u0131 n\u0259tic\u0259sind\u0259 m\u0259lum olub ki, \u015firk\u0259t i\u015f\u00e7il\u0259rinin m\u0259lumatlar\u0131, el\u0259c\u0259 d\u0259 m\u0259hsullar v\u0259 ya h\u0259r hans\u0131 kritik prosesl\u0259r h\u0259r hans\u0131 t\u0259sir\u0259 m\u0259ruz qalmay\u0131b. Hadis\u0259 il\u0259 ba\u011fl\u0131 istintaq davam edir.<\/p>\n\n\n\n

Yoluxdurma \u00fcsulu<\/strong>. Kaspersky m\u00fct\u0259x\u0259ssisl\u0259ri m\u00fc\u0259yy\u0259n edibl\u0259r ki, qurban s\u0131f\u0131r klik (zero-click) eksploytunu ehtiva ed\u0259n \u0259lav\u0259 il\u0259 gizli iMessage mesaj\u0131 al\u0131b. Bu o dem\u0259kdir ki, t\u0259cav\u00fczkarlar z\u0259r\u0259rli proqram\u0131 qura\u015fd\u0131rmaq \u00fc\u00e7\u00fcn istifad\u0259\u00e7id\u0259n he\u00e7 bir t\u0259dbir g\u00f6rm\u0259yi t\u0259l\u0259b etm\u0259yibl\u0259r. Mesajda imtiyazlar\u0131 y\u00fcks\u0259ltm\u0259k \u00fc\u00e7\u00fcn z\u0259r\u0259rli kodun icras\u0131na imkan ver\u0259n eksploytdan istifad\u0259 ed\u0259n istismar olub. Bel\u0259likl\u0259, t\u0259cav\u00fczkarlar yoluxmu\u015f cihaz \u00fcz\u0259rind\u0259 tam n\u0259zar\u0259t v\u0259 b\u00fct\u00fcn m\u0259lumatlara \u00e7\u0131x\u0131\u015f \u0259ld\u0259 etm\u0259y\u0259 nail olublar. Bundan sonra yoluxmaya s\u0259b\u0259b olan iMessage mesaj\u0131 avtomatik olaraq silinib.<\/p>\n\n\n\n

H<\/strong>\u0259<\/strong>d<\/strong>\u0259<\/strong>f<\/strong>.<\/strong> Qura\u015fd\u0131r\u0131lm\u0131\u015f casus proqram m\u0259lumat\u0131 qurban\u0131n cihaz\u0131ndan uzaq serverl\u0259r\u0259 s\u0259ssiz \u015f\u0259kild\u0259 \u00f6t\u00fcrm\u0259y\u0259 nail olub. T\u0259cav\u00fczkarlar\u0131 qurban\u0131n s\u0259syazmalar\u0131, messencerl\u0259rd\u0259ki fotolar\u0131, geolokasiya m\u0259lumatlar\u0131 v\u0259 cihaz sahibinin dig\u0259r f\u0259aliyy\u0259tl\u0259ri maraqland\u0131r\u0131b. H\u0259l\u0259 t\u0259dqiq edilm\u0259li \u00e7ox \u015fey var, lakin \u00e7ox g\u00fcman ki, h\u00fccum t\u0259kc\u0259 Kaspersky i\u015f\u00e7il\u0259rin\u0259 qar\u015f\u0131 y\u00f6n\u0259lm\u0259yib.<\/p>\n\n\n\n

\u201cT\u0259\u0259ss\u00fcf ki, h\u0259tta \u0259n t\u0259hl\u00fck\u0259siz \u0259m\u0259liyyat sisteml\u0259ri d\u0259 t\u0259hl\u00fck\u0259 alt\u0131na d\u00fc\u015f\u0259 bil\u0259r. T\u0259cav\u00fczkarlar daima h\u00fccum \u00fcsullar\u0131n\u0131 t\u0259kmill\u0259\u015fdirdikc\u0259 v\u0259 yeni z\u0259iflikl\u0259r axtard\u0131qca, \u015firk\u0259tl\u0259r \u00f6z sisteml\u0259rinin t\u0259hl\u00fck\u0259sizliyini \u0259n \u00f6n plana qoymal\u0131d\u0131rlar. Buraya i\u015f\u00e7il\u0259rin t\u0259limi v\u0259 \u015firk\u0259t m\u00fct\u0259x\u0259ssisl\u0259rin\u0259 potensial t\u0259hl\u00fck\u0259l\u0259r\u0259 effektiv \u015f\u0259kild\u0259 qar\u015f\u0131 \u00e7\u0131xmaq \u00fc\u00e7\u00fcn t\u0259cav\u00fczkarlar\u0131n metodlar\u0131 v\u0259 al\u0259tl\u0259ri haqq\u0131nda m\u00fcasir m\u0259lumatlar\u0131n verilm\u0259si daxildir. \u201cTrianqulyasiya\u201d \u0259m\u0259liyyat\u0131 il\u0259 ba\u011fl\u0131 ara\u015fd\u0131rmam\u0131z davam edir v\u0259 biz tezlikl\u0259 daha \u00e7ox t\u0259f\u0259rr\u00fcat payla\u015fa bil\u0259c\u0259yimizi g\u00f6zl\u0259yirik, \u00e7\u00fcnki bu casus kampaniyas\u0131 t\u0259kc\u0259 Kaspersky \u0259m\u0259kda\u015flar\u0131n\u0131 h\u0259d\u0259f alm\u0131r\u201d, \u2013 dey\u0259 Kaspersky-nin Rusiya Ara\u015fd\u0131rmlar M\u0259rk\u0259zinin r\u0259hb\u0259ri \u0130qor Kuznetsov qeyd edir.<\/p>\n\n\n\n

 \u201cTrianqulyasiya\u201d \u0259m\u0259liyyat\u0131 v\u0259 iOS cihaz\u0131n\u0131n yoluxub-yoluxmad\u0131\u011f\u0131n\u0131 nec\u0259 yoxlamaq haqq\u0131nda \u0259trafl\u0131 m\u0259lumat\u0131 burada g\u00f6r\u0259 bil\u0259rsiniz: https:\/\/securelist.ru\/operation-triangulation\/107470\/<\/a><\/p>\n\n\n\n

H\u0259d\u0259fli h\u00fccumun qurban\u0131 olmamaq \u00fc\u00e7\u00fcn Kaspersky t\u0259dqiqat\u00e7\u0131lar\u0131 t\u00f6vsiy\u0259 edirl\u0259r:<\/p>\n\n\n\n