{"id":2179,"date":"2025-03-06T07:41:54","date_gmt":"2025-03-06T07:41:54","guid":{"rendered":"https:\/\/dijitalturk.com\/veysel\/?p=2179"},"modified":"2025-03-06T07:41:54","modified_gmt":"2025-03-06T07:41:54","slug":"gitvenom-sahte-github-projeleri-kullanarak-456-bin-dolarlik-bitcoin-caldi","status":"publish","type":"post","link":"https:\/\/dijitalturk.com\/veysel\/gitvenom-sahte-github-projeleri-kullanarak-456-bin-dolarlik-bitcoin-caldi\/","title":{"rendered":"GitVenom Stole 456 Thousand Dollars in Bitcoin Using Fake GitHub Projects"},"content":{"rendered":"<article>\n<h1>Attention Gamers and Crypto Investors! A New Threat Roaming GitHub: GitVenom<\/h1>\n<p>Alarm bells are ringing in cyberspace! Security researchers are warning of an insidious wave of attacks that specifically targets gamers and cryptocurrency investors. The attack aims to trap users by masquerading as open-source projects on the popular code-sharing platform GitHub. Everything you need to know about this dangerous campaign, which Kaspersky Lab experts have named <strong>GitVenom<\/strong>, is in this article!<\/p>\n<h2>What Is GitVenom? Who Does It Threaten?<\/h2>\n<p>GitVenom is a complex, multi-stage malware campaign spread through hundreds of fake GitHub repositories. The attackers try to win victims&#8217; trust by offering legitimate and useful software tools. 
These tools include automation tools for interacting with Instagram accounts, Telegram bots, and even applications that help manage cryptocurrency wallets.<\/p>\n<p>This campaign poses a major threat to the following groups in particular:<\/p>\n<ul>\n<li>Game developers and gamers<\/li>\n<li>Cryptocurrency investors and traders<\/li>\n<li>Developers who rely on open-source code<\/li>\n<\/ul>\n<h3>Why GitHub in Particular?<\/h3>\n<p>GitHub is a popular platform where developers share their projects and collaborate, which makes it ideal ground for attackers. By the nature of open-source projects, code can easily be inspected and modified. Attackers can exploit this for their own ends and hide malicious code inside legitimate projects.<\/p>\n<h2>How Does GitVenom Work? What Should You Watch For?<\/h2>\n<p>When a victim downloads and runs a project from a malicious GitHub repository, different types of malware are injected into the system. These include information stealers, clipboard hijackers, and remote access trojans (RATs).<\/p>\n<h3>Clipboard Hijacking: An Insidious Cryptocurrency Trap<\/h3>\n<p>One of GitVenom&#8217;s most dangerous features is its ability to hijack the clipboard. 
With this capability, when the victim copies a cryptocurrency wallet address, the malware replaces it with an address controlled by the attacker. As a result, the victim unknowingly sends their cryptocurrency to the attacker.<\/p>\n<h3>Financial Impact: More Than Half a Million Dollars Lost by a Single Victim!<\/h3>\n<p>According to Kaspersky&#8217;s reports, the financial impact of these attacks is substantial. In November 2024, a single victim was reported to have lost approximately 5 BTC (approximately 485,000 dollars). This clearly shows how serious a threat GitVenom poses.<\/p>\n<h2>How Can We Protect Ourselves from GitVenom? Ways to Improve Your Security<\/h2>\n<p>Some measures you can take to protect yourself from this kind of attack:<\/p>\n<ul>\n<li><strong>Verify the legitimacy of GitHub repositories:<\/strong> Carefully examine project owners, commit histories, and code quality. 
Stay away from repositories that look suspicious.<\/li>\n<li><strong>Analyze code before running it:<\/strong> Before running code you have downloaded, consult a security expert or scan it with a trusted antivirus program.<\/li>\n<li><strong>Do not download from unknown sources:<\/strong> Download software only from trusted, known sources.<\/li>\n<li><strong>Check your cryptocurrency transactions carefully:<\/strong> Always double-check wallet addresses and make sure the addresses you copy to the clipboard are correct.<\/li>\n<li><strong>Keep your security software up to date:<\/strong> Always use the latest versions of your antivirus and security software and run scans regularly.<\/li>\n<\/ul>\n<h2>Kaspersky: A Warning from Cybersecurity Experts<\/h2>\n<p><a href=\"https:\/\/www.kaspersky.com.tr\/\" target=\"_blank\" rel=\"noopener noreferrer\">Kaspersky<\/a>, which uncovered this campaign and named it GitVenom, is a world-leading company in cybersecurity. It has been developing solutions to protect users against cyber threats for years.<\/p>\n<aside>\n<h3>About Kaspersky<\/h3>\n<p>Kaspersky is a multinational cybersecurity company founded in 1997 and headquartered in Moscow. The company offers antivirus, firewall, password manager, and other cybersecurity products. 
Kaspersky serves both individual users and corporate customers worldwide.<\/p>\n<\/aside>\n<h2>Conclusion: Stay Alert, Protect Your Data!<\/h2>\n<p>GitVenom is an example of how cyber attackers keep developing new and complex methods. Cryptocurrency investors and gamers in particular should be more careful about such threats and protect their data by taking the security measures described above. Remember, cybersecurity is not just a matter of software; it also requires being an informed and careful user!<\/p>\n<p><em>Source: <a href=\"https:\/\/thehackernews.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">The Hacker News<\/a> (You can find the original article here)<\/em><\/p>\n<\/article>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Attention Gamers and Crypto Investors! A New Threat Roaming GitHub: GitVenom Alarm bells are ringing in cyberspace! 
Security researchers, especially [&hellip;]<\/p>\n","protected":false},"author":512,"featured_media":2183,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[36],"tags":[87,155,370],"class_list":["post-2179","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haber","tag-guvenlik","tag-hack","tag-security"],"uagb_featured_image_src":{"full":["https:\/\/dijitalturk.com\/veysel\/wp-content\/uploads\/2025\/03\/pexels-photo-17302202-17302202-scaled.jpg",2560,1703,false],"thumbnail":["https:\/\/dijitalturk.com\/veysel\/wp-content\/uploads\/2025\/03\/pexels-photo-17302202-17302202-150x150.jpg",150,150,true],"medium":["https:\/\/dijitalturk.com\/veysel\/wp-content\/uploads\/2025\/03\/pexels-photo-17302202-17302202-286x190.jpg",286,190,true],"medium_large":["https:\/\/dijitalturk.com\/veysel\/wp-content\/uploads\/2025\/03\/pexels-photo-17302202-17302202-768x511.jpg",768,511,true],"large":["https:\/\/dijitalturk.com\/veysel\/wp-content\/uploads\/2025\/03\/pexels-photo-17302202-17302202-571x380.jpg",571,380,true],"1536x1536":["https:\/\/dijitalturk.com\/veysel\/wp-content\/uploads\/2025\/03\/pexels-photo-17302202-17302202-1536x1022.jpg",1536,1022,true],"2048x2048":["https:\/\/dijitalturk.com\/veysel\/wp-content\/uploads\/2025\/03\/pexels-photo-17302202-17302202-2048x1363.jpg",2048,1363,true]},"uagb_author_info":{"display_name":"Dragon DT","author_link":"https:\/\/dijitalturk.com\/veysel\/author\/dragon\/"},"uagb_comment_info":0,"uagb_excerpt":"Attention Gamers and Crypto Investors! A New Threat Roaming GitHub: GitVenom Alarm bells are ringing in cyberspace! 
Security researchers, especially [&hellip;]","_links":{"self":[{"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/posts\/2179","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/users\/512"}],"replies":[{"embeddable":true,"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/comments?post=2179"}],"version-history":[{"count":0,"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/posts\/2179\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/media\/2183"}],"wp:attachment":[{"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/media?parent=2179"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/categories?post=2179"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dijitalturk.com\/veysel\/wp-json\/wp\/v2\/tags?post=2179"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}