{"id":20207,"date":"2024-01-19T07:00:00","date_gmt":"2024-01-19T04:00:00","guid":{"rendered":"https:\/\/rockvell.com\/?p=20207"},"modified":"2024-01-19T09:35:10","modified_gmt":"2024-01-19T06:35:10","slug":"kaspersky-t%c9%99r%c9%99find%c9%99n-pegasus-casus-proqraminin-iphone-cihazlarinda-askarlanmasi","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=20207","title":{"rendered":"\u201cKaspersky\u201d t\u0259r\u0259find\u0259n \u201cPegasus\u201d casus proqram\u0131n\u0131n iPhone cihazlar\u0131nda a\u015fkarlanmas\u0131"},"content":{"rendered":"\n

\u201cKaspersky\u201d t\u0259r\u0259find\u0259n \u201cPegasus\u201d casus proqram\u0131n\u0131n iPhone cihazlar\u0131nda a\u015fkarlanmas\u0131n\u0131n yeni \u00fcsulu haz\u0131rlan\u0131b<\/strong>.<\/p>\n\n\n\n

\u201cKaspersky\u201dnin Qlobal T\u0259hdid T\u0259dqiqat\u0131 v\u0259 T\u0259hlili M\u0259rk\u0259zinin (GReAT) m\u00fct\u0259x\u0259ssisl\u0259ri iOS cihazlar\u0131n\u0131n \u201cPegasus<\/a>\u201d, \u201cReign<\/a>\u201d v\u0259 \u201cPredator<\/a>\u201d kimi m\u00fcr\u0259kk\u0259b casus proqramlar\u0131 il\u0259 yoluxma g\u00f6st\u0259ricil\u0259rini a\u015fkar etm\u0259k \u00fc\u00e7\u00fcn yeni \u00fcsul haz\u0131rlay\u0131blar. Yeni sad\u0259 al\u0259t istifad\u0259\u00e7il\u0259rin \u00f6z iPhone cihazlar\u0131n\u0131 m\u00fcst\u0259qil \u015f\u0259kild\u0259 yoxlaya bilm\u0259l\u0259ri \u00fc\u00e7\u00fcn \u201cShutdown.log\u201dda \u0259vv\u0259ll\u0259r m\u0259lum olmayan izl\u0259ri axtarma\u011fa imkan verir.<\/p>\n\n\n

\n
\"\"<\/figure><\/div>\n\n\n

\u201cKaspersky\u201d t\u0259dqiqat\u00e7\u0131lar\u0131 ist\u0259nil\u0259n iOS mobil cihaz\u0131n\u0131n sistem diaqnostikas\u0131 arxivind\u0259 saxlan\u0131lan \u201cShutdown.log\u201d sistem jurnal\u0131nda \u201cPegasus\u201da yoluxman\u0131n yeni \u0259lam\u0259tl\u0259rini a\u015fkar edibl\u0259r. Bu arxiv cihaz\u0131n h\u0259r bir yenid\u0259n ba\u015flad\u0131lma seans\u0131 haqq\u0131nda m\u0259lumatlar\u0131 ehtiva edir. Bu o dem\u0259kdir ki, yoluxmu\u015f cihaz\u0131n sahibi m\u00fct\u0259madi olaraq onu yenid\u0259n i\u015f\u0259 sal\u0131rsa, jurnalda \u201cPegasus\u201d z\u0259r\u0259rli proqram\u0131 il\u0259 \u0259laq\u0259li anomaliyalar meydana \u00e7\u0131x\u0131r.<\/p>\n\n\n\n

A\u015fkar edilmi\u015f anomaliyalar aras\u0131nda yenid\u0259n ba\u015flatmalara mane olan \u201cPegasus\u201dla ba\u011fl\u0131 l\u0259ngimi\u015f prosesl\u0259r haqq\u0131nda qeydl\u0259r, h\u0259m\u00e7inin kibert\u0259hl\u00fck\u0259sizlik c\u0259miyy\u0259tind\u0259 ba\u015fqalar\u0131 t\u0259r\u0259find\u0259n m\u00fc\u0259yy\u0259n edilmi\u015f dig\u0259r yoluxma izl\u0259ri<\/a> var.<\/p>\n\n\n\n

\u201cT\u0259hlil al\u0259ti dem\u0259k olar ki, he\u00e7 bir resurs t\u0259l\u0259b etm\u0259d\u0259n sistem artefaktlar\u0131n\u0131 ara\u015fd\u0131rmaq v\u0259 potensial iPhone infeksiyalar\u0131n\u0131 m\u00fc\u0259yy\u0259n etm\u0259y\u0259 imkan verir. Jurnaldak\u0131 g\u00f6st\u0259ricil\u0259rin t\u0259hlili \u0259sas\u0131nda metodumuzla a\u015fkar edil\u0259n infeksiya \u2018Mobile Verification Toolkit (MVT)’d\u0259n istifad\u0259 ed\u0259r\u0259k dig\u0259r iOS artefaktlar\u0131n\u0131n emal\u0131 il\u0259 t\u0259sdiql\u0259nib. M\u00fcvafiq olaraq, bizim yana\u015fmam\u0131z iOS yoluxmalar\u0131n\u0131n \u00f6yr\u0259nilm\u0259sin\u0259 vahid yana\u015fman\u0131n bir hiss\u0259sin\u0259 \u00e7evrilir. \u00dcst\u0259lik, t\u0259hlil etdiyimiz dig\u0259r \u2018Pegasus’ infeksiyalar\u0131nda bu davran\u0131\u015f\u0131n ard\u0131c\u0131ll\u0131\u011f\u0131n\u0131 t\u0259sdiql\u0259mi\u015fik v\u0259 inan\u0131r\u0131q ki, bu, yoluxma prosesinin sonrak\u0131 t\u0259dqiqi \u00fc\u00e7\u00fcn etibarl\u0131 artefakt rolunu oynayacaq\u201d, – dey\u0259 \u201cKaspersky\u201cnin Qlobal T\u0259hdid T\u0259dqiqat\u0131 v\u0259 T\u0259hlili M\u0259rk\u0259zinin (GReAT) r\u0259hb\u0259ri \u0130qor Kuznetsov qeyd edir. <\/p>\n\n\n\n

Pegasus insidentl\u0259rind\u0259 \u201cShutdown.log\u201du t\u0259hlil etdikd\u0259n sonra \u201cKaspersky\u201d m\u00fct\u0259x\u0259ssisl\u0259ri \u201cReign\u201d v\u0259 \u201cPredator\u201d kimi dig\u0259r z\u0259r\u0259rli proqramlar\u0131n iOS yoluxmalar\u0131nda da m\u00fc\u0259yy\u0259n edilmi\u015f<\/a> b\u0259nz\u0259r standart yoluxma yollar\u0131n\u0131, y\u0259ni \u201c\/private\/var\/db\/\u201d a\u015fkar edibl\u0259r. \u015eirk\u0259t m\u00fct\u0259x\u0259ssisl\u0259ri ehtimal edir ki, h\u0259min jurnal fayl\u0131 bu z\u0259r\u0259rli proqram ail\u0259l\u0259ri il\u0259 \u0259laq\u0259li yoluxmalar\u0131 m\u00fc\u0259yy\u0259n etm\u0259y\u0259 k\u00f6m\u0259k ed\u0259c\u0259k.<\/p>\n\n\n\n

Cihazlarda casus proqram\u0131n\u0131n tap\u0131lmas\u0131n\u0131 asanla\u015fd\u0131rmaq \u00fc\u00e7\u00fcn \u201cKaspersky\u201d m\u00fct\u0259x\u0259ssisl\u0259ri \u201cShutdown.log\u201d artefaktlar\u0131n\u0131 a\u015fkar v\u0259 t\u0259hlil etm\u0259yi asanla\u015fd\u0131ran x\u00fcsusi al\u0259t (utility)<\/a> haz\u0131rlay\u0131blar.<\/p>\n\n\n\n

Pegasus kimi iOS casus proqramlar\u0131 \u00f6z m\u00fcr\u0259kk\u0259bliyi il\u0259 se\u00e7ilir. Cihazlar\u0131 bu c\u00fcr z\u0259r\u0259rli proqramlardan qorumaq \u00fc\u00e7\u00fcn \u201cKaspersky\u201d m\u00fct\u0259x\u0259ssisl\u0259ri t\u00f6vsiy\u0259 edirl\u0259r:<\/p>\n\n\n\n