{"id":39186,"date":"2026-02-21T02:48:04","date_gmt":"2026-02-21T02:48:04","guid":{"rendered":"https:\/\/bihavadis.com\/?p=39186"},"modified":"2026-02-21T02:48:04","modified_gmt":"2026-02-21T02:48:04","slug":"kaspersky-yeni-android-zararli-yazilimi-keenadunun-tedarik-zinciri-yoluyla-yayilabildigini-tespit-etti","status":"publish","type":"post","link":"https:\/\/bihavadis.com\/index.php\/2026\/02\/21\/kaspersky-yeni-android-zararli-yazilimi-keenadunun-tedarik-zinciri-yoluyla-yayilabildigini-tespit-etti\/","title":{"rendered":"Kaspersky, Yeni Android Zararl\u0131 Yaz\u0131l\u0131m\u0131 Keenadu&#8217;nun Tedarik Zinciri Yoluyla Yay\u0131labildi\u011fini Tespit Etti"},"content":{"rendered":"<p>Kaspersky, Android cihazlar\u0131 hedef alan ve Keenadu olarak adland\u0131rd\u0131\u011f\u0131 yeni bir zararl\u0131 yaz\u0131l\u0131m tespit etti. \u00c7ok katmanl\u0131 bir da\u011f\u0131t\u0131m stratejisine sahip olan bu yaz\u0131l\u0131m; do\u011frudan cihazlar\u0131n ayg\u0131t yaz\u0131l\u0131m\u0131na (firmware) entegre edilebiliyor, sistem uygulamalar\u0131n\u0131n i\u00e7ine g\u00f6m\u00fclebiliyor ve hatta Google Play gibi resmi uygulama ma\u011fazalar\u0131 \u00fczerinden yay\u0131labiliyor. Mevcut bulgulara g\u00f6re Keenadu, halihaz\u0131rda enfekte etti\u011fi cihazlar\u0131 birer &#8220;bot&#8221; gibi kullanarak reklam t\u0131klama trafi\u011fi olu\u015fturmak (reklam doland\u0131r\u0131c\u0131l\u0131\u011f\u0131) amac\u0131yla kullan\u0131l\u0131yor. Ancak yaz\u0131l\u0131m\u0131n baz\u0131 varyantlar\u0131, sald\u0131rganlara kurban\u0131n cihaz\u0131 \u00fczerinde tam kontrol yetkisi tan\u0131yacak kadar ileri seviye k\u00f6t\u00fc ama\u00e7l\u0131 \u00f6zellikler bar\u0131nd\u0131r\u0131yor.<\/p>\n<p>\u015eubat 2026 itibar\u0131yla Kaspersky mobil g\u00fcvenlik \u00e7\u00f6z\u00fcmleri, Keenadu bula\u015fm\u0131\u015f 13.000&#8217;den fazla cihaz tespit etti. \u00a0En fazla etkilenen \u00fclkeler aras\u0131nda Rusya, Japonya, Almanya, Brezilya, Hollanda ve T\u00fcrkiye yer al\u0131yor. Bununla birlikte bir\u00e7ok farkl\u0131 \u00fclke de bu durumdan etkilenmi\u015f durumda.<\/p>\n<p><strong>Do\u011frudan Ayg\u0131t Yaz\u0131l\u0131m\u0131na (Firmware) Entegre Ediliyor<\/strong><\/p>\n<p>Kaspersky&#8217;nin 2025 y\u0131l\u0131nda tespit etti\u011fi\u00a0Triada arka kap\u0131s\u0131na (backdoor)\u00a0benzer \u015fekilde, Keenadu&#8217;nun baz\u0131 s\u00fcr\u00fcmlerinin tedarik zinciri a\u015famas\u0131nda \u00e7e\u015fitli Android tablet modellerinin ayg\u0131t yaz\u0131l\u0131m\u0131na s\u0131zd\u0131r\u0131ld\u0131\u011f\u0131 anla\u015f\u0131ld\u0131. Bu varyantta Keenadu, sald\u0131rganlara cihaz \u00fczerinde s\u0131n\u0131rs\u0131z kontrol imkan\u0131 sunan tam i\u015flevli bir arka kap\u0131 olarak faaliyet g\u00f6steriyor. Cihazda y\u00fckl\u00fc olan her uygulamaya bula\u015fabilen yaz\u0131l\u0131m, APK dosyalar\u0131 \u00fczerinden istenilen uygulamay\u0131 y\u00fckleyebiliyor ve bunlara t\u00fcm sistem izinlerini tan\u0131mlayabiliyor. Sonu\u00e7 olarak; medya dosyalar\u0131, mesajlar, bankac\u0131l\u0131k bilgileri ve konum verileri dahil olmak \u00fczere cihazdaki t\u00fcm hassas bilgiler tehlikeye giriyor. Yaz\u0131l\u0131m\u0131n, kullan\u0131c\u0131n\u0131n Chrome taray\u0131c\u0131s\u0131 \u00fczerinden gizli sekmede (incognito) yapt\u0131\u011f\u0131 aramalar\u0131 bile takip etti\u011fi saptand\u0131.<\/p>\n<p>Ayg\u0131t yaz\u0131l\u0131m\u0131na entegre edilen bu zararl\u0131, belirli ko\u015fullara g\u00f6re farkl\u0131 davran\u0131\u015flar sergiliyor: Cihaz dili \u00c7ince leh\u00e7elerinden birine ayarl\u0131ysa veya saat dilimi \u00c7in olarak se\u00e7ilmi\u015fse yaz\u0131l\u0131m aktifle\u015fmiyor. Ayr\u0131ca, cihazda Google Play Store ve Google Play Hizmetleri y\u00fckl\u00fc de\u011filse yine \u00e7al\u0131\u015fm\u0131yor.<\/p>\n<p><strong>Sistem Uygulamalar\u0131na S\u0131z\u0131yor<\/strong><\/p>\n<p>Bu varyantta Keenadu&#8217;nun i\u015flevselli\u011fi nispeten daha k\u0131s\u0131tl\u0131 olsa da, normal uygulamalara k\u0131yasla y\u00fcksek yetkilere sahip bir sistem uygulamas\u0131n\u0131n i\u00e7inde bar\u0131nd\u0131\u011f\u0131 i\u00e7in kullan\u0131c\u0131dan habersiz uygulama y\u00fcklemeye devam edebiliyor. Kaspersky uzmanlar\u0131, Keenadu\u2019nun cihaz\u0131n y\u00fcz tan\u0131ma kilidinden sorumlu bir sistem uygulamas\u0131na g\u00f6m\u00fcld\u00fc\u011f\u00fcn\u00fc ke\u015ffetti; bu durum sald\u0131rganlar\u0131n potansiyel olarak kullan\u0131c\u0131lar\u0131n biyometrik y\u00fcz verilerine eri\u015febilece\u011fi anlam\u0131na geliyor. Baz\u0131 vakalarda ise yaz\u0131l\u0131m\u0131n, ana ekran aray\u00fcz\u00fcn\u00fc y\u00f6neten &#8220;launcher&#8221; uygulamas\u0131na s\u0131zd\u0131\u011f\u0131 g\u00f6r\u00fcld\u00fc.<\/p>\n<p><strong>Android Uygulama Ma\u011fazalar\u0131 \u00dczerinden Da\u011f\u0131t\u0131lan Uygulamalara G\u00f6m\u00fcl\u00fc Varyant<\/strong><\/p>\n<p>Kaspersky uzmanlar\u0131, Google Play&#8217;de yer alan baz\u0131 uygulamalar\u0131n da Keenadu ile enfekte oldu\u011funu ortaya \u00e7\u0131kard\u0131. \u00d6zellikle ak\u0131ll\u0131 ev kameralar\u0131 i\u00e7in geli\u015ftirilen ve 300.000&#8217;den fazla indirilen bu uygulamalar, raporun yay\u0131nland\u0131\u011f\u0131 tarih itibar\u0131yla Google Play&#8217;den kald\u0131r\u0131ld\u0131. Bu uygulamalar \u00e7al\u0131\u015ft\u0131r\u0131ld\u0131\u011f\u0131nda, sald\u0131rganlar arka planda kullan\u0131c\u0131ya g\u00f6r\u00fcnmeyen taray\u0131c\u0131 sekmeleri a\u00e7arak \u00e7e\u015fitli web sitelerinde gizlice gezinebiliyor. Daha \u00f6nce farkl\u0131 siber g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131 taraf\u0131ndan yap\u0131lan\u00a0\u00e7al\u0131\u015fmalar\u00a0da benzer enfekte uygulamalar\u0131n ba\u011f\u0131ms\u0131z APK dosyalar\u0131 veya farkl\u0131 uygulama ma\u011fazalar\u0131 \u00fczerinden da\u011f\u0131t\u0131ld\u0131\u011f\u0131n\u0131 do\u011frulam\u0131\u015ft\u0131.<\/p>\n<p><strong>Kaspersky G\u00fcvenlik Ara\u015ft\u0131rmac\u0131s\u0131 Dmitry Kalinin<\/strong>\u00a0konuya ili\u015fkin \u015funlar\u0131 s\u00f6yledi: &#8220;<em>Son ara\u015ft\u0131rmam\u0131z, \u00f6n y\u00fckl\u00fc zararl\u0131 yaz\u0131l\u0131mlar\u0131n Android ekosisteminde ne kadar ciddi bir tehdit haline geldi\u011fini g\u00f6steriyor. Kullan\u0131c\u0131 hi\u00e7bir hatal\u0131 i\u015flem yapmasa dahi cihaz kutusundan vir\u00fcsl\u00fc \u00e7\u0131kabiliyor. Bu riskin bilincinde olmak ve bu t\u00fcr tehditleri engelleyebilecek g\u00fcvenlik \u00e7\u00f6z\u00fcmleri kullanmak kritik \u00f6nem ta\u015f\u0131yor. Yaz\u0131l\u0131m kendini yasal bir sistem bile\u015feni gibi kamufle etti\u011fi i\u00e7in muhtemelen \u00fcreticiler de tedarik zincirindeki bu s\u0131zman\u0131n fark\u0131nda de\u011fildi. Cihaz yaz\u0131l\u0131mlar\u0131n\u0131n enfekte olmad\u0131\u011f\u0131ndan emin olmak i\u00e7in \u00fcretim s\u00fcrecinin her a\u015famas\u0131n\u0131n titizlikle denetlenmesi \u015fart.&#8221;<\/em><\/p>\n<p>Daha fazla bilgi i\u00e7in Securelist\u2019te yay\u0131mlanan\u00a0blog\u00a0yaz\u0131s\u0131na g\u00f6z atabilirsiniz.<\/p>\n<p>Kullan\u0131c\u0131lara Y\u00f6nelik \u00d6neriler:<\/p>\n<ul>\n<li>Cihaz\u0131n\u0131zdaki tehditlerden an\u0131nda haberdar olmak i\u00e7in\u00a0etkin bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc\u00a0kullan\u0131n.<\/li>\n<li>E\u011fer cihaz\u0131n\u0131zda enfekte bir ayg\u0131t yaz\u0131l\u0131m\u0131 (firmware) varsa, \u00fcreticinin sundu\u011fu g\u00fcncellemeleri kontrol edin. G\u00fcncelleme sonras\u0131 cihaz\u0131n\u0131z\u0131 mutlaka tam kapsaml\u0131 bir g\u00fcvenlik taramas\u0131ndan ge\u00e7irin.<\/li>\n<li>Bir sistem\u00a0uygulamas\u0131n\u0131n enfekte olmas\u0131 durumunda, uygulamay\u0131 kullanmay\u0131 b\u0131rak\u0131n ve devre d\u0131\u015f\u0131 b\u0131rak\u0131n. Varsay\u0131lan ba\u015flat\u0131c\u0131 (launcher) uygulamas\u0131 enfekteyse, devre d\u0131\u015f\u0131 b\u0131rakarak \u00fc\u00e7\u00fcnc\u00fc taraf bir ba\u015flat\u0131c\u0131 kullan\u0131n.<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>Kaynak: (BYZHA) Beyaz Haber Ajans\u0131<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky, Android cihazlar\u0131 hedef alan ve Keenadu olarak adland\u0131rd\u0131\u011f\u0131 yeni bir zararl\u0131 yaz\u0131l\u0131m tespit etti.<\/p>\n","protected":false},"author":1,"featured_media":39187,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[2606,5519,737,2388,1217],"class_list":["post-39186","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji","tag-cihaz","tag-enfekte","tag-guvenlik","tag-uygulama","tag-yazilim"],"_links":{"self":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/39186","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/comments?post=39186"}],"version-history":[{"count":1,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/39186\/revisions"}],"predecessor-version":[{"id":39188,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/39186\/revisions\/39188"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/media\/39187"}],"wp:attachment":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/media?parent=39186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/categories?post=39186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/tags?post=39186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}