{"id":76117,"date":"2025-05-22T17:37:49","date_gmt":"2025-05-22T14:37:49","guid":{"rendered":"https:\/\/www.indir.com\/haber\/?p=76117"},"modified":"2025-05-22T17:37:51","modified_gmt":"2025-05-22T14:37:51","slug":"microsofttan-darbe-lumma-stealeri-hedef-aldi","status":"publish","type":"post","link":"https:\/\/www.indir.com\/haber\/microsofttan-darbe-lumma-stealeri-hedef-aldi\/","title":{"rendered":"Microsoft’tan Darbe: Lumma Stealer\u2019\u0131 Hedef Ald\u0131"},"content":{"rendered":"\n

Microsoft (Dijital Su\u00e7larla M\u00fccadele Birimi – DCU), DOJ, Europol ve ABD Adalet Bakanl\u0131\u011f\u0131 i\u015f birli\u011fi sa\u011flayarak k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m hizmeti (MaaS) platformu olan Lumma Stealer a\u011f\u0131n\u0131 sekteye u\u011fratt\u0131. 13 May\u0131s Sal\u0131 g\u00fcn\u00fc, Microsoft\u2019un DCU birimi, y\u00fczlerce siber tehdit akt\u00f6r\u00fc taraf\u0131ndan tercih edilen bilgi \u00e7alma k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 Lumma Stealer (\u201cLumma\u201d) hakk\u0131nda yasal i\u015flem ba\u015flatt\u0131.<\/p>\n\n\n\n

Microsoft taraf\u0131ndan yap\u0131lan bir a\u00e7\u0131klamaya g\u00f6re son bir y\u0131l i\u00e7inde 394.000\u2019den fazla cihaza bula\u015ft\u0131.  Bu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m, siber su\u00e7lular\u0131n oturum a\u00e7ma bilgileri ve kripto para c\u00fczdanlar\u0131 da dahil olmak \u00fczere hassas finansal verileri \u00e7almak i\u00e7in tercih etti\u011fi ara\u00e7lardan biriydi. Okullara, hastanelere ve altyap\u0131 sa\u011flay\u0131c\u0131lar\u0131na kar\u015f\u0131 yap\u0131lan \u015fantaj kampanyalar\u0131nda da kullan\u0131ld\u0131. DOJ\u2019un internet sitesine g\u00f6re, \u201cFBI, LummaC2\u2019nin bu t\u00fcr bilgileri \u00e7almak i\u00e7in kullan\u0131ld\u0131\u011f\u0131 en az 1,7 milyon vaka tespit etti.\u201d<\/p>\n\n\n\n

ABD Georgia Kuzey B\u00f6lge Mahkemesi\u2019nden al\u0131nan bir mahkeme karar\u0131yla Microsoft, Lumma\u2019n\u0131n altyap\u0131s\u0131yla ili\u015fkili yakla\u015f\u0131k 2.300 k\u00f6t\u00fc ama\u00e7l\u0131 alan ad\u0131n\u0131 devre d\u0131\u015f\u0131 b\u0131rakt\u0131. <\/p>\n\n\n\n

\"Lumma
Lumma Stealer Yaz\u0131l\u0131m\u0131 Nedir?\u00a0<\/figcaption><\/figure>\n\n\n\n

Lumma Stealer Yaz\u0131l\u0131m\u0131 Nedir? <\/h2>\n\n\n\n

Lumma; \u015fifreleri, kredi kartlar\u0131n\u0131, banka hesaplar\u0131n\u0131 ve kripto para c\u00fczdanlar\u0131n\u0131 \u00e7al\u0131yor ve su\u00e7lular\u0131n okullar\u0131 fidye i\u00e7in hedef almas\u0131na, banka hesaplar\u0131n\u0131 bo\u015faltmas\u0131na ve kritik hizmetleri aksatmas\u0131na olanak tan\u0131yor.<\/p>\n\n\n\n

Kullan\u0131m\u0131 kolay bir \u015fekilde tasarlanan bu yaz\u0131l\u0131m, \u00e7o\u011funlukla antivir\u00fcs yaz\u0131l\u0131mlar\u0131n\u0131 atlat\u0131lmas\u0131n\u0131 sa\u011flayan gizleme (obfuscation) ara\u00e7lar\u0131yla birlikte sunuluyor. Yay\u0131lma y\u00f6ntemleri aras\u0131nda hedefli oltalama (spear-phishing) e-postalar\u0131, sahte markal\u0131 web siteleri ve \u201cmalvertising\u201d olarak bilinen zararl\u0131 reklamlar yer al\u0131yor.<\/p>\n\n\n\n

Siber g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131na g\u00f6re Lumma, su\u00e7lular\u0131n sald\u0131r\u0131lar\u0131 \u00e7ok h\u0131zl\u0131 bir \u015fekilde \u00f6l\u00e7eklendirmesine imk\u00e2n tan\u0131d\u0131\u011f\u0131 i\u00e7in \u00f6zellikle tehlikeli. Yaz\u0131l\u0131m\u0131 sat\u0131n alan ki\u015filer, y\u00fckleri \u00f6zelle\u015ftirebiliyor, \u00e7al\u0131nan verileri takip edebiliyor ve hatta kendilerine \u00f6zel bir kullan\u0131c\u0131 paneli \u00fczerinden \u201cm\u00fc\u015fteri hizmetleri\u201d deste\u011fi bile alabiliyor. Microsoft Threat Intelligence, Lumma\u2019n\u0131n k\u00f6t\u00fc \u015f\u00f6hretli Octo Tempest \u00e7etesi (di\u011fer ad\u0131yla \u201cScattered Spider\u201d) ile ba\u011flant\u0131l\u0131 oldu\u011funu daha \u00f6nce kamuoyuyla payla\u015fm\u0131\u015ft\u0131. Y\u0131l\u0131n ba\u015f\u0131nda d\u00fczenlenen bir oltalama sald\u0131r\u0131s\u0131nda, siber su\u00e7lular Booking.com\u2019u taklit ederek Lumma arac\u0131l\u0131\u011f\u0131yla kurbanlar\u0131n finansal bilgilerini ele ge\u00e7irmeyi ba\u015fard\u0131.<\/p>\n\n\n\n

Lumme Stealer Kim Taraf\u0131ndan Y\u00f6netiliyor ?<\/h2>\n\n\n\n

Lumma (LummaC2 olarak da bilinir), en az 2022 y\u0131l\u0131ndan bu yana aktif olan, bilgi h\u0131rs\u0131zl\u0131\u011f\u0131na odakl\u0131 bir k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m olarak dikkat \u00e7ekiyor. Yaz\u0131l\u0131m, genellikle Telegram gruplar\u0131 ve kapal\u0131 forumlar \u00fczerinden sat\u0131\u015fa sunuluyor.<\/p>\n\n\n\n

Lumma’n\u0131n ba\u015fl\u0131ca geli\u015ftiricisi Rusya’da bulunmakta olup internet takma ad\u0131 \u201cShamel\u201d olarak biliniyor. Shamel, Lumma i\u00e7in farkl\u0131 hizmet seviyelerini Telegram ve di\u011fer Rus\u00e7a sohbet forumlar\u0131 \u00fczerinden pazarl\u0131yor. <\/p>\n\n\n\n

Kas\u0131m 2023\u2019te siber g\u00fcvenlik ara\u015ft\u0131rmac\u0131s\u0131 \u201cg0njxa\u201d ile yap\u0131lan bir r\u00f6portajda, Shamel \u201cyakla\u015f\u0131k 400 aktif m\u00fc\u015fterim var\u201d dedi. Siber su\u00e7un kurumsal i\u015f uygulamalar\u0131n\u0131 benimsemesinin bir g\u00f6stergesi olarak, Lumma markas\u0131n\u0131 etkili bir \u015fekilde olu\u015fturdu; \u00fcr\u00fcn\u00fcn\u00fc pazarlamak i\u00e7in \u00f6zg\u00fcn bir ku\u015f logosu kulland\u0131 ve bunu \u201cbar\u0131\u015f, hafiflik ve huzurun\u201d sembol\u00fc olarak tan\u0131mlad\u0131, ayr\u0131ca \u201cbizimle para kazanmak da ayn\u0131 derecede kolay\u201d slogan\u0131n\u0131 ekledi.<\/p>\n\n\n\n

\"Operasyon
Operasyon Sonucu Ne Oldu Yaz\u0131l\u0131m Ortadan Kald\u0131r\u0131ld\u0131 M\u0131?<\/figcaption><\/figure>\n\n\n\n

Operasyon Sonucu Ne Oldu Yaz\u0131l\u0131m Ortadan Kald\u0131r\u0131ld\u0131 M\u0131?<\/h2>\n\n\n\n

Bu operasyon \u00f6nemli bir darbe olsa da, uzmanlar Lumma gibi ara\u00e7lar\u0131n nadiren tamamen yok edildi\u011fini belirtiyor. <\/strong>Yine de Microsoft ve Adalet Bakanl\u0131\u011f\u0131, bu t\u00fcr m\u00fcdahalelerin su\u00e7 \u015febekelerini ciddi \u015fekilde sekteye u\u011fratt\u0131\u011f\u0131n\u0131 ve altyap\u0131 ile gelir kaynaklar\u0131n\u0131 keserek faaliyetlerini zorla\u015ft\u0131rd\u0131\u011f\u0131n\u0131 vurguluyor. <\/p>\n\n\n\n

Bu durum, siber su\u00e7larla m\u00fccadelede uluslararas\u0131 i\u015f birli\u011finin ne kadar hayati oldu\u011funu bir kez daha g\u00f6zler \u00f6n\u00fcne seriyor. Adalet Bakanl\u0131\u011f\u0131 yetkilileri, kamu-\u00f6zel sekt\u00f6r ortakl\u0131klar\u0131n\u0131n \u00f6nemine dikkat \u00e7ekerken, FBI yetkilileri de mahkeme onayl\u0131 m\u00fcdahalelerin h\u00fck\u00fcmetin siber g\u00fcvenlik stratejisinde kritik bir ara\u00e7 olmaya devam etti\u011fini belirtti.<\/p>\n\n\n\n

Microsoft\u2019un Dijital Su\u00e7larla M\u00fccadele Birimi\u2019nin s\u00fcrd\u00fcrd\u00fc\u011f\u00fc \u00e7al\u0131\u015fmalar, Lumma\u2019ya kar\u015f\u0131 y\u00fcr\u00fct\u00fclen operasyonla birlikte, kamu ve \u00f6zel sekt\u00f6r\u00fcn i\u015f birli\u011fi halinde siber tehditlere kar\u015f\u0131 nas\u0131l somut ve etkili sonu\u00e7lar elde edebilece\u011fini net bir bi\u00e7imde ortaya koyuyor. Bu t\u00fcr k\u00f6t\u00fc niyetli yap\u0131lar\u0131n birer birer ortaya \u00e7\u0131kar\u0131l\u0131p etkisiz hale getirilmesiyle birlikte, bireylerin de kendilerini korumak ad\u0131na \u015fifrelerini s\u0131k s\u0131k de\u011fi\u015ftirmesi ve tan\u0131mad\u0131klar\u0131 ki\u015filerden gelen ba\u011flant\u0131lara t\u0131klamaktan ka\u00e7\u0131nmas\u0131 b\u00fcy\u00fck \u00f6nem ta\u015f\u0131yor.<\/p>\n","protected":false},"excerpt":{"rendered":"

Microsoft (Dijital Su\u00e7larla M\u00fccadele Birimi – DCU), DOJ, Europol ve ABD Adalet Bakanl\u0131\u011f\u0131 i\u015f birli\u011fi sa\u011flayarak k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m hizmeti (MaaS) platformu olan Lumma Stealer a\u011f\u0131n\u0131 sekteye u\u011fratt\u0131. 13 May\u0131s Sal\u0131 g\u00fcn\u00fc, Microsoft\u2019un DCU birimi, y\u00fczlerce siber tehdit akt\u00f6r\u00fc taraf\u0131ndan tercih edilen bilgi \u00e7alma k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 Lumma Stealer (\u201cLumma\u201d) hakk\u0131nda yasal i\u015flem ba\u015flatt\u0131. Microsoft […]<\/p>\n","protected":false},"author":87,"featured_media":76124,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[54,1,48],"tags":[11273,1327,128],"class_list":["post-76117","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-internet","category-teknoloji","category-yazilim","tag-lumma-stealer","tag-malware","tag-microsoft"],"_links":{"self":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/76117","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/users\/87"}],"replies":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/comments?post=76117"}],"version-history":[{"count":2,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/76117\/revisions"}],"predecessor-version":[{"id":76155,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/76117\/revisions\/76155"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/media\/76124"}],"wp:attachment":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/media?parent=76117"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/categories?post=76117"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/tags?post=76117"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}