{"id":45685,"date":"2026-02-24T17:45:04","date_gmt":"2026-02-24T17:45:04","guid":{"rendered":"https:\/\/bihavadis.com\/?p=45685"},"modified":"2026-02-24T17:45:04","modified_gmt":"2026-02-24T17:45:04","slug":"uretken-yapay-zeka-kullanan-android-tehditleri-cagi-basladi","status":"publish","type":"post","link":"https:\/\/bihavadis.com\/index.php\/2026\/02\/24\/uretken-yapay-zeka-kullanan-android-tehditleri-cagi-basladi\/","title":{"rendered":"\u00dcretken yapay zek\u00e2 kullanan Android tehditleri \u00e7a\u011f\u0131 ba\u015flad\u0131"},"content":{"rendered":"

Siber g\u00fcvenlik \u015firketi ESET, kal\u0131c\u0131l\u0131k sa\u011flamak i\u00e7in y\u00fcr\u00fctme ak\u0131\u015f\u0131nda \u00fcretken yapay zek\u00e2y\u0131 k\u00f6t\u00fcye kullanan bilinen ilk Android k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 olan PromptSpy’\u0131 ke\u015ffetti. Sald\u0131rganlar, k\u00f6t\u00fc ama\u00e7l\u0131 kullan\u0131c\u0131 aray\u00fcz\u00fc manip\u00fclasyonunu y\u00f6nlendirmek i\u00e7in bir yapay zek\u00e2 modelini (\u00f6zellikle Google’\u0131n Gemini modelini) kullanmaya dayand\u0131klar\u0131 i\u00e7in ESET, bu aileye PromptSpy ad\u0131n\u0131 verdi.<\/strong><\/p>\n

K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m kilit ekran\u0131 verilerini yakalayabiliyor. Kald\u0131rma giri\u015fimlerini engelleyebiliyor, cihaz bilgilerini toplayabiliyor, ekran g\u00f6r\u00fcnt\u00fcs\u00fc alabiliyor ve ekran etkinli\u011fini video olarak kaydedebiliyor. ESET ara\u015ft\u0131rmac\u0131lar\u0131 bilinen ilk yapay zek\u00e2 destekli fidye yaz\u0131l\u0131m\u0131 olan PromptLock\u2019u, A\u011fustos 2025’te ke\u015ffetmi\u015flerdi. \u00a0PromptSpy ESET Research’\u00fcn ke\u015ffetti\u011fi ikinci yapay zek\u00e2 destekli k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m oldu. \u00a0<\/p>\n

Dil yerelle\u015ftirme ipu\u00e7lar\u0131 ve analiz s\u0131ras\u0131nda g\u00f6zlemlenen da\u011f\u0131t\u0131m vekt\u00f6rlerine dayanarak, bu kampanyan\u0131n finansal ama\u00e7l\u0131 oldu\u011fu ve \u00f6ncelikle Arjantin’deki kullan\u0131c\u0131lar\u0131 hedefledi\u011fi g\u00f6r\u00fcl\u00fcyor. Ancak PromptSpy hen\u00fcz ESET telemetrisinde g\u00f6zlemlenmedi, bu da muhtemelen bir kavram kan\u0131t\u0131 niteli\u011finde oldu\u011funu g\u00f6steriyor. \u00dcretken yapay zek\u00e2, PromptSpy’\u0131n kodunun nispeten k\u00fc\u00e7\u00fck bir b\u00f6l\u00fcm\u00fcnde (kal\u0131c\u0131l\u0131k sa\u011flamaktan sorumlu olan b\u00f6l\u00fcm) kullan\u0131lmas\u0131na ra\u011fmen k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n uyarlanabilirli\u011fi \u00fczerinde \u00f6nemli bir etkiye sahip. \u00d6zellikle, Gemini, PromptSpy’a k\u00f6t\u00fc ama\u00e7l\u0131 uygulaman\u0131n son uygulamalar listesinde (\u00e7o\u011fu Android ba\u015flat\u0131c\u0131n\u0131n \u00e7oklu g\u00f6rev g\u00f6r\u00fcn\u00fcm\u00fcnde genellikle bir asma kilit simgesiyle temsil edilir) “kilitli”, yani sabitlenmi\u015f h\u00e2le getirilmesi i\u00e7in ad\u0131m ad\u0131m talimatlar sa\u011flamak amac\u0131yla kullan\u0131l\u0131r. B\u00f6ylece uygulaman\u0131n sistem taraf\u0131ndan kolayca silinmesini veya kapat\u0131lmas\u0131n\u0131 \u00f6nler. Yapay zek\u00e2 modeli ve komut istemi kodda \u00f6nceden tan\u0131mlanm\u0131\u015ft\u0131r ve de\u011fi\u015ftirilemez.\u00a0<\/p>\n

PromptSpy’\u0131 ke\u015ffeden ESET ara\u015ft\u0131rmac\u0131s\u0131 Luk\u00e1\u0161 \u0160tefanko<\/strong>\u00a0\u015fu a\u00e7\u0131klamay\u0131 yapt\u0131: “Android k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 genellikle UI tabanl\u0131 navigasyona dayand\u0131\u011f\u0131ndan \u00fcretken yapay zek\u00e2y\u0131 kullanmak, tehdit akt\u00f6rlerinin hemen hemen her cihaza, d\u00fczene veya i\u015fletim sistemi s\u00fcr\u00fcm\u00fcne uyum sa\u011flamas\u0131na olanak tan\u0131r ve bu da potansiyel kurban havuzunu b\u00fcy\u00fck \u00f6l\u00e7\u00fcde art\u0131rabilir. PromptSpy’\u0131n temel amac\u0131, operat\u00f6rlere kurban\u0131n cihaz\u0131na uzaktan eri\u015fim sa\u011flayan yerle\u015fik bir VNC mod\u00fcl\u00fc da\u011f\u0131tmakt\u0131r. Bu Android k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 ayr\u0131ca Eri\u015filebilirlik Hizmetlerini k\u00f6t\u00fcye kullanarak g\u00f6r\u00fcnmez kaplamalarla kald\u0131r\u0131lmas\u0131n\u0131 engeller, kilit ekran\u0131 verilerini yakalar ve ekran etkinli\u011fini video olarak kaydeder. AES \u015fifreleme yoluyla Komuta ve Kontrol sunucusuyla ileti\u015fim kurar.”\u00a0<\/p>\n

PromptSpy, \u00f6zel bir web sitesi arac\u0131l\u0131\u011f\u0131yla da\u011f\u0131t\u0131l\u0131yor ve Google Play’de hi\u00e7 bulunmam\u0131\u015ft\u0131. Bununla birlikte, App Defense Alliance orta\u011f\u0131 olan ESET, bulgular\u0131n\u0131 Google ile payla\u015fm\u0131\u015ft\u0131. Android kullan\u0131c\u0131lar\u0131, Google Play Hizmetleri’ne sahip Android cihazlarda varsay\u0131lan olarak etkinle\u015ftirilen Google Play Protect taraf\u0131ndan bu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n bilinen s\u00fcr\u00fcmlerine kar\u015f\u0131 otomatik olarak korunuyor.<\/p>\n

Luk\u00e1\u0161 \u0160tefanko, PromptSpy Gemini’yi yaln\u0131zca bir \u00f6zelli\u011finde kullan\u0131yor olsa da bu ara\u00e7lar\u0131n uygulanmas\u0131n\u0131n k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 nas\u0131l daha dinamik h\u00e2le getirebilece\u011fini ve tehdit akt\u00f6rlerine geleneksel komut dosyas\u0131 yaz\u0131m\u0131yla normalde daha zor olan eylemleri otomatikle\u015ftirme yollar\u0131 sundu\u011funu g\u00f6sterdi\u011fini s\u00f6yledi.<\/p>\n

Uygulaman\u0131n ad\u0131 MorganArg ve simgesi Morgan Chase’den esinlenmi\u015f gibi g\u00f6r\u00fcnd\u00fc\u011f\u00fcnden bu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m muhtemelen Morgan Chase bankas\u0131n\u0131 taklit ediyor. MorganArg, muhtemelen “Morgan Argentina”n\u0131n k\u0131saltmas\u0131 ve \u00f6nbelle\u011fe al\u0131nm\u0131\u015f web sitesinin ad\u0131 olarak da g\u00f6r\u00fcn\u00fcr, bu da b\u00f6lgesel bir hedefleme oda\u011f\u0131 oldu\u011funu d\u00fc\u015f\u00fcnd\u00fcr\u00fcyor.<\/p>\n

PromptSpy, ekrana g\u00f6r\u00fcnmez \u00f6\u011feler yerle\u015ftirerek kald\u0131r\u0131lmas\u0131n\u0131 engelledi\u011finden kurban\u0131n bunu kald\u0131rmas\u0131n\u0131n tek yolu, cihaz\u0131 G\u00fcvenli Modda yeniden ba\u015flatmak. G\u00fcvenli Modda, \u00fc\u00e7\u00fcnc\u00fc taraf uygulamalar devre d\u0131\u015f\u0131 b\u0131rak\u0131l\u0131r ve normal \u015fekilde kald\u0131r\u0131labilir. G\u00fcvenli Mod’a girmek i\u00e7in kullan\u0131c\u0131lar genellikle g\u00fc\u00e7 d\u00fc\u011fmesini bas\u0131l\u0131 tutmal\u0131, G\u00fc\u00e7 kapat’a uzun basmal\u0131 ve G\u00fcvenli Mod’da Yeniden Ba\u015flat komutunu onaylamal\u0131d\u0131r (ancak kesin y\u00f6ntem cihaza ve \u00fcreticiye g\u00f6re farkl\u0131l\u0131k g\u00f6sterebilir). Telefon G\u00fcvenli Modda yeniden ba\u015flat\u0131ld\u0131\u011f\u0131nda, kullan\u0131c\u0131 Ayarlar \u2192 Uygulamalar \u2192 MorganArg’a gidip engellenmeden kald\u0131rma i\u015flemini ger\u00e7ekle\u015ftirebilir.<\/p>\n

\u00a0<\/p>\n

Kaynak: (BYZHA) Beyaz Haber Ajans\u0131<\/p>\n","protected":false},"excerpt":{"rendered":"

Siber g\u00fcvenlik \u015firketi ESET, kal\u0131c\u0131l\u0131k sa\u011flamak i\u00e7in y\u00fcr\u00fctme ak\u0131\u015f\u0131nda \u00fcretken yapay zek\u00e2y\u0131 k\u00f6t\u00fcye kullanan bilinen ilk Android k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131 olan PromptSpy’\u0131 ke\u015ffetti.<\/p>\n","protected":false},"author":1,"featured_media":45686,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[3533,1271,1218,6093,213],"class_list":["post-45685","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji","tag-eset","tag-guvenli","tag-kotu-amacli-yazilim","tag-morgan","tag-yapay-zeka"],"_links":{"self":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/45685","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/comments?post=45685"}],"version-history":[{"count":1,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/45685\/revisions"}],"predecessor-version":[{"id":45687,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/45685\/revisions\/45687"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/media\/45686"}],"wp:attachment":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/media?parent=45685"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/categories?post=45685"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/tags?post=45685"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}