{"id":29861,"date":"2024-10-25T03:00:00","date_gmt":"2024-10-25T00:00:00","guid":{"rendered":"https:\/\/rockvell.com\/?p=29861"},"modified":"2024-10-25T16:53:31","modified_gmt":"2024-10-25T13:53:31","slug":"google-chrome-brauzerind%c9%99ki-sifir-gun-boslugundan-istifad%c9%99-edilib","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=29861","title":{"rendered":"A \u201czero-day\u201d vulnerability in the \u201cGoogle Chrome\u201d browser has been exploited"},"content":{"rendered":"\n<p class=\"has-medium-font-size\"><strong>The \u201cLazarus\u201d group exploited a \u201czero-day\u201d vulnerability in the \u201cGoogle Chrome\u201d browser to steal cryptocurrency<\/strong><\/p>\n\n\n\n<p><em>As cover, the attackers created a malicious website for an online tank game<\/em><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"682\" src=\"https:\/\/rockvell.com\/wp-content\/uploads\/2023\/03\/Kaspersky-2.png\" alt=\"\" class=\"wp-image-8743\" style=\"width:343px;height:auto\" srcset=\"https:\/\/rockvell.com\/wp-content\/uploads\/2023\/03\/Kaspersky-2.png 1024w, https:\/\/rockvell.com\/wp-content\/uploads\/2023\/03\/Kaspersky-2-300x200.png 300w, https:\/\/rockvell.com\/wp-content\/uploads\/2023\/03\/Kaspersky-2-768x512.png 768w, https:\/\/rockvell.com\/wp-content\/uploads\/2023\/03\/Kaspersky-2-360x240.png 360w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div>\n\n\n<p>Experts from Kaspersky GReAT (Kaspersky's Global Research and Analysis Team) have uncovered a sophisticated attack campaign by the \u201cLazarus\u201d group.
This was announced at the \u201cSecurity Analyst Summit 2024\u201d held in Bali. To attack users worldwide, the attackers created a malicious website for an online tank game that offered the chance to earn rewards in cryptocurrency. Through it, they exploited a \u201czero-day\u201d vulnerability in the \u201cGoogle Chrome\u201d browser that made it possible to infect devices and steal crypto wallet data. The vulnerability has now been fixed and the game's website has been blocked.<\/p>\n\n\n\n<p><strong>The hallmarks of \u201cLazarus\u201d.<\/strong> In May 2024, Kaspersky experts detected an attack that used the \u201cManuscrypt\u201d backdoor. This tool has been characteristic of the \u201cLazarus\u201d group since 2013. According to Kaspersky GReAT, it has been used in more than 50 unique campaigns targeting organizations in various industries. Further analysis showed that, prior to this, this campaign had been used in the \u201cGoogle Chrome\u201d browser, and that these campaigns were detected with its help. \u201cLazarus\u201d is one of the few cyber groups that exploit zero-day vulnerabilities.
This method is not widespread among attackers because it requires considerable resources, including time and expertise.<\/p>\n\n\n\n<p><strong>What the game was<\/strong>. On the site, users were offered a download of a trial version of the game based on the \u201cPlay-To-Earn\u201d model. The essence of the game was to battle opponents from around the world in virtual NFT tanks, supposedly with the chance to win cryptocurrency rewards. Kaspersky experts established that the game could actually be launched.<\/p>\n\n\n\n<p>To lure victims and win their trust, the attackers prepared a well-thought-out campaign to promote the game: for example, they created accounts on international social networks and advertised it over several months. In doing so, they used images created in advance with neural networks.
The attackers also tried to recruit influencers from the cryptocurrency industry to advertise their game and then, reportedly, attempted to attack their accounts as well.<\/p>\n\n\n\n<p>Kaspersky GReAT experts discovered a real game that served as the prototype for the version created by the attackers. The design is almost entirely identical: the only differences are the placement of the logo and the lower quality of the visual design. It was probably based on stolen source code. Shortly after the attackers launched the campaign to promote the malicious game, the prototype's developers <a href=\"https:\/\/t.me\/DFTLofficial\/8935\" target=\"_blank\" rel=\"noopener\" title=\"\">reported<\/a> that $20,000 in cryptocurrency had been stolen from their wallet.<\/p>\n\n\n\n<p><strong>What the game was for.<\/strong> For the attackers, the game was merely a disguise. The site contained a small code fragment that allowed an exploit for the \u201cGoogle Chrome\u201d browser to be downloaded and executed. Two vulnerabilities were used for this.
One of them was previously unknown &#8211; it is a type confusion bug in V8, Google's open-source \u201cJavaScript\u201d and \u201cWebAssembly\u201d engine. It made it possible to gain control over the victim's device: to execute arbitrary code, bypass security features, and carry out various malicious activities. Visiting the website was enough to infect the device; there was no need even to start the game. Kaspersky reported the vulnerability to Google, after which the company fixed it. It was assigned the identifier CVE-2024-4947. The attackers used a further vulnerability to bypass the \u201cGoogle Chrome\u201d protection known as the \u201cV8 sandbox\u201d.<\/p>\n\n\n\n<p>\u201cWe have seen many campaigns aimed at financial gain, but this case is unique. The attackers went beyond the usual methods: they used a fully functional game as cover to infect devices by exploiting a \u201czero-day\u201d vulnerability in \u201cGoogle Chrome\u201d.
When it comes to an attack by a cyber group like \u201cLazarus\u201d, even seemingly harmless actions such as clicking a link on a social network or in an email can lead to the complete compromise of a computer or an entire corporate network. The attackers put a great deal of effort into developing this campaign, which shows how ambitious their plans are. Potentially, the attacks could affect users and organizations around the world,\u201d says Boris Larin, lead expert at Kaspersky GReAT.<\/p>\n\n\n\n<p>You can read more about the new Lazarus campaign here: &nbsp;<a href=\"https:\/\/securelist.ru\/lazarus-apt-steals-crypto-with-a-tank-game\/110837\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/securelist.ru\/lazarus-apt-steals-crypto-with-a-tank-game\/110837\/<\/a><\/p>\n\n\n\n<p><strong>About Kaspersky GReAT<\/strong> Kaspersky's Global Research and Analysis Team, GReAT, was established in 2008. Its tasks include finding and researching the most sophisticated attacks, cyber-espionage campaigns, new infection methods, and exploits that use \u201czero-day\u201d vulnerabilities.
Today the team comprises more than 40 experts working around the world &#8211; in Europe, Russia, North and South America, Asia and the Middle East. They are known for their expertise in investigating the most sophisticated attacks, including cyber-espionage and cyber-sabotage campaigns.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The \u201cLazarus\u201d group exploited a \u201czero-day\u201d vulnerability in the \u201cGoogle Chrome\u201d browser to steal cryptocurrency As cover, the attackers created a malicious website for an online tank game Kaspersky GReAT (Kaspersky's Global Research and Analysis Team) experts, the \u201cLazarus\u201d
group's&#8230;<\/p>\n","protected":false},"author":2,"featured_media":8743,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/29861"}],"collection":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=29861"}],"version-history":[{"count":1,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/29861\/revisions"}],"predecessor-version":[{"id":29862,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/29861\/revisions\/29862"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/media\/8743"}],"wp:attachment":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=29861"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=29861"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=29861"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}