{"id":84154,"date":"2026-02-05T16:39:26","date_gmt":"2026-02-05T13:39:26","guid":{"rendered":"https:\/\/www.indir.com\/haber\/?p=84154"},"modified":"2026-02-05T16:39:26","modified_gmt":"2026-02-05T13:39:26","slug":"openclawda-buyuk-guvenlik-alarmi-yuzlerce-zararli-eklenti-ortaya-cikti","status":"publish","type":"post","link":"https:\/\/www.indir.com\/haber\/openclawda-buyuk-guvenlik-alarmi-yuzlerce-zararli-eklenti-ortaya-cikti\/","title":{"rendered":"Major Security Alarm at OpenClaw: Hundreds of Malicious Plugins Uncovered"},"content":{"rendered":"\n<p>OpenClaw, one of the fastest-rising AI agents of recent months, is in the news this time for serious security problems. Security researchers found that hundreds of extensions in the platform\u2019s plugin store contain malware. According to experts, the OpenClaw ecosystem has become a new and attractive target for cyber attackers.<\/p>\n\n\n\n<p>OpenClaw, which can autonomously carry out many tasks ranging from calendar scheduling and flight bookings to organizing e-mail and managing files, runs locally on users\u2019 devices. The fact that it can also be controlled through messaging apps such as WhatsApp, Telegram and iMessage makes access easier but brings security risks with it. 
In particular, some users grant the assistant broad permissions such as reading and writing files, running commands and executing scripts, which increases the potential danger.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1344\" height=\"768\" src=\"http:\/\/www.indir.com\/haber\/wp-content\/uploads\/2026\/02\/Gemini_Generated_Image_fkok0lfkok0lfkok.png\" alt=\"Major Security Alarm at OpenClaw: Hundreds of Malicious Plugins Uncovered\" class=\"wp-image-84157\" title=\"\"><figcaption class=\"wp-element-caption\">Major Security Alarm at OpenClaw: Hundreds of Malicious Plugins Uncovered<\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">More Than 400 Malicious \u201cSkills\u201d Detected<\/h3>\n\n\n\n<p>According to a report published by OpenSourceMalware, more than 400 malicious extensions were uploaded to ClawHub, OpenClaw\u2019s plugin store, within just a few days. These plugins are usually presented as harmless tools such as cryptocurrency trading automation. In the background, however, they run code that steals crypto wallet keys, exchange API access, SSH credentials and passwords saved in the browser.<\/p>\n\n\n\n<p>Jason Meller, Vice President of Product at 1Password, describes OpenClaw\u2019s plugin architecture as \u201ca direct attack surface.\u201d According to Meller, even one of the popular plugins can direct the user to a malicious link and get the AI to run harmful commands. 
Moreover, because many plugins are distributed as Markdown files, both users and the AI can be manipulated with hidden instructions.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">First Measures From OpenClaw<\/h3>\n\n\n\n<p>Peter Steinberger, OpenClaw\u2019s developer, announced that they have put some security measures in place following the incident. Developers who want to publish a plugin must now have a GitHub account that has been active for at least one week. Experts, however, say this step is not sufficient on its own and that stricter review mechanisms are needed.<\/p>\n\n\n\n<p>These developments show once again how large the risks of uncontrolled authorization and third-party plugins can be, alongside the convenience that AI agents offer.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>OpenClaw, one of the fastest-rising AI agents of recent months, is in the news this time for serious security problems. Security researchers found that hundreds of extensions in the platform\u2019s plugin store contain malware. According to experts, the OpenClaw ecosystem has become a new and attractive target for cyber attackers. 
From calendar scheduling and flight bookings to organizing e-mail and managing files, many [&hellip;]<\/p>\n","protected":false},"author":8,"featured_media":84155,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,12053],"tags":[],"class_list":["post-84154","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji","category-yapay-zeka"],"_links":{"self":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/84154","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/comments?post=84154"}],"version-history":[{"count":1,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/84154\/revisions"}],"predecessor-version":[{"id":84158,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/posts\/84154\/revisions\/84158"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/media\/84155"}],"wp:attachment":[{"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/media?parent=84154"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/categories?post=84154"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.indir.com\/haber\/wp-json\/wp\/v2\/tags?post=84154"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}