{"id":477029,"date":"2023-08-09T09:06:26","date_gmt":"2023-08-09T09:06:26","guid":{"rendered":""},"modified":"2023-09-05T11:13:53","modified_gmt":"2023-09-05T11:13:53","slug":"dyreza","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/tr\/wiki\/dyreza\/","title":{"rendered":"Dyreza"},"content":{"rendered":"<p>Dyre olarak da bilinen Dyreza, hassas finansal bilgileri \u00e7almak i\u00e7in \u00e7evrimi\u00e7i bankac\u0131l\u0131k i\u015flemlerini hedef alan k\u00f6t\u00fc \u015f\u00f6hretli bir k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m t\u00fcr\u00fcd\u00fcr, \u00f6zellikle de bir bankac\u0131l\u0131k Truva at\u0131d\u0131r. Dyreza&#039;n\u0131n geli\u015fmi\u015fli\u011fi, SSL \u015fifrelemesini a\u015farak hassas verilere d\u00fcz metin olarak eri\u015fmesine olanak sa\u011flamas\u0131nda yatmaktad\u0131r.<\/p>\n<h2>Dyreza&#039;n\u0131n K\u00f6keni ve \u0130lk S\u00f6z\u00fc<\/h2>\n<p>Dyreza bankac\u0131l\u0131k Truva at\u0131 ilk olarak 2014 y\u0131l\u0131nda bir siber g\u00fcvenlik \u015firketi olan PhishMe&#039;deki ara\u015ft\u0131rmac\u0131lar taraf\u0131ndan ke\u015ffedildi\u011finde ortaya \u00e7\u0131kt\u0131. K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n bir ZIP dosyas\u0131na eklendi\u011fi bir &#039;banka havalesi raporu&#039; ile \u015f\u00fcphelenmeyen kurbanlar\u0131 hedef alan karma\u015f\u0131k bir kimlik av\u0131 kampanyas\u0131nda tespit edildi. &quot;Dyreza&quot; ad\u0131, Truva at\u0131n\u0131n ikili dosyas\u0131nda bulunan &quot;dyre&quot; dizesinden t\u00fcretilmi\u015ftir ve &quot;za&quot;, k\u00f6t\u00fc \u015f\u00f6hretli Zeus Truva At\u0131 ile benzerliklerine g\u00f6nderme yapan &quot;Zeus alternatifinin&quot; k\u0131saltmas\u0131d\u0131r.<\/p>\n<h2>Dyreza&#039;y\u0131 detayland\u0131r\u0131yoruz<\/h2>\n<p>Dyreza, \u00f6zellikle bankac\u0131l\u0131k web sitelerini hedef alan vir\u00fcsl\u00fc sistemlerden kimlik bilgilerini ve di\u011fer hassas bilgileri yakalamak i\u00e7in tasarland\u0131. Web trafi\u011fini engellemek ve de\u011fi\u015ftirmek i\u00e7in &quot;taray\u0131c\u0131 kancas\u0131&quot; olarak bilinen bir teknik kullan\u0131r. Bu Truva At\u0131, SSL (G\u00fcvenli Soket Katman\u0131) \u015fifrelemesini atlama ve \u015fifrelenmi\u015f web trafi\u011fini okuma ve de\u011fi\u015ftirme olana\u011f\u0131 sa\u011flamas\u0131 nedeniyle di\u011fer bankac\u0131l\u0131k Truva Atlar\u0131ndan farkl\u0131d\u0131r.<\/p>\n<p>Dyreza&#039;n\u0131n birincil da\u011f\u0131t\u0131m y\u00f6ntemi, genellikle zarars\u0131z bir belge veya zip dosyas\u0131 olarak gizlenen, kurbanlar\u0131 Truva at\u0131n\u0131 indirmeleri ve \u00e7al\u0131\u015ft\u0131rmalar\u0131 i\u00e7in kand\u0131ran kimlik av\u0131 e-postalar\u0131d\u0131r. Dyreza kurulduktan sonra kullan\u0131c\u0131n\u0131n ilgi duydu\u011fu bir web sitesine (genellikle bir bankac\u0131l\u0131k web sitesi) gitmesini bekler, bu noktada etkinle\u015ftirilir ve veri toplamaya ba\u015flar.<\/p>\n<h2>Dyreza\u2019n\u0131n \u0130\u00e7 Yap\u0131s\u0131 ve \u0130\u015fleyi\u015fi<\/h2>\n<p>Bir kurban\u0131n makinesine y\u00fcklendikten sonra Dyreza, web trafi\u011fini izlemek i\u00e7in &#039;taray\u0131c\u0131daki adam&#039; sald\u0131r\u0131s\u0131n\u0131 kullan\u0131yor. Bu, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n web formlar\u0131na ek alanlar eklemesine ve kullan\u0131c\u0131lar\u0131 PIN numaralar\u0131 ve TAN&#039;lar gibi ek bilgiler sa\u011flamalar\u0131 i\u00e7in kand\u0131rmas\u0131na olanak tan\u0131r. Dyreza ayr\u0131ca bir web sayfas\u0131n\u0131n i\u00e7eri\u011fini de\u011fi\u015ftirmek i\u00e7in &quot;webinjects&quot; ad\u0131 verilen bir teknik kullan\u0131yor ve genellikle daha fazla veri toplamak i\u00e7in formlara alanlar ekliyor.<\/p>\n<p>Dyreza&#039;n\u0131n SSL&#039;yi atlamas\u0131, taray\u0131c\u0131 s\u00fcrecine ba\u011flanarak ve trafi\u011fi SSL ile \u015fifrelenmeden \u00f6nce veya \u015fifresi \u00e7\u00f6z\u00fcld\u00fckten sonra ele ge\u00e7irerek elde ediliyor. Bu, Dyreza&#039;n\u0131n SSL taraf\u0131ndan sunulan korumalar\u0131 tamamen atlayarak verileri d\u00fcz metin olarak yakalamas\u0131na olanak tan\u0131r.<\/p>\n<h2>Dyreza&#039;n\u0131n Temel \u00d6zellikleri<\/h2>\n<ul>\n<li>SSL \u015fifrelemesini atlamak: Dyreza, web trafi\u011fini \u015fifrelenmeden \u00f6nce veya \u015fifresi \u00e7\u00f6z\u00fcld\u00fckten sonra engelleyebilir ve verileri d\u00fcz metin olarak yakalayabilir.<\/li>\n<li>Taray\u0131c\u0131daki Adam Sald\u0131r\u0131s\u0131: Dyreza, web trafi\u011fini izleyerek, kullan\u0131c\u0131lar\u0131 ek hassas bilgiler sa\u011flamalar\u0131 i\u00e7in kand\u0131rmak amac\u0131yla web formlar\u0131n\u0131 manip\u00fcle edebilir.<\/li>\n<li>Webinjects: Bu \u00f6zellik, Dyreza&#039;n\u0131n daha fazla veri toplamak i\u00e7in web sayfalar\u0131n\u0131n i\u00e7eri\u011fini de\u011fi\u015ftirmesine olanak tan\u0131r.<\/li>\n<li>\u00c7oklu Vekt\u00f6r Yakla\u015f\u0131m\u0131: Dyreza, sistemlere s\u0131zmak i\u00e7in kimlik av\u0131 e-postalar\u0131 ve yararlanma kitleri dahil olmak \u00fczere \u00e7e\u015fitli y\u00f6ntemler kullan\u0131r.<\/li>\n<\/ul>\n<h2>Dyreza T\u00fcrleri<\/h2>\n<p>Dyreza&#039;n\u0131n farkl\u0131 t\u00fcrleri olmasa da vah\u015fi do\u011fada g\u00f6zlemlenen farkl\u0131 versiyonlar\u0131 vard\u0131r. Bu s\u00fcr\u00fcmler sald\u0131r\u0131 vekt\u00f6rleri, hedefleri ve \u00f6zel teknikleri a\u00e7\u0131s\u0131ndan farkl\u0131l\u0131k g\u00f6sterir ancak hepsi ayn\u0131 temel i\u015flevselli\u011fi payla\u015f\u0131r. Bu varyasyonlara genellikle farkl\u0131 t\u00fcrlerden ziyade farkl\u0131 kampanyalar ad\u0131 verilir.<\/p>\n<h2>Dyreza ile \u0130lgili Kullan\u0131m, Sorunlar ve \u00c7\u00f6z\u00fcmler<\/h2>\n<p>Dyreza, hassas bankac\u0131l\u0131k bilgilerini \u00e7alma yetene\u011fi nedeniyle hem bireysel kullan\u0131c\u0131lar hem de kurulu\u015flar i\u00e7in \u00f6nemli tehditler olu\u015fturmaktad\u0131r. Dyreza ve benzeri Truva atlar\u0131n\u0131n riskini azaltman\u0131n birincil yolu, g\u00fc\u00e7l\u00fc siber g\u00fcvenlik uygulamalar\u0131ndan ge\u00e7er. Bunlar aras\u0131nda g\u00fcncel antivir\u00fcs yaz\u0131l\u0131m\u0131n\u0131n s\u00fcrd\u00fcr\u00fclmesi, kullan\u0131c\u0131lar\u0131n kimlik av\u0131n\u0131n tehlikeleri konusunda e\u011fitilmesi ve izinsiz giri\u015f tespit sistemlerinin kullan\u0131lmas\u0131 yer al\u0131yor.<\/p>\n<p>Dyreza enfeksiyonundan \u015f\u00fcpheleniliyorsa, daha fazla veri kayb\u0131n\u0131 \u00f6nlemek ve sistemi g\u00fcvenilir bir antivir\u00fcs arac\u0131 kullanarak temizlemek i\u00e7in vir\u00fcsl\u00fc makinenin a\u011f ba\u011flant\u0131s\u0131n\u0131n kesilmesi \u00e7ok \u00f6nemlidir. Kurulu\u015flar i\u00e7in m\u00fc\u015fterileri bilgilendirmek ve t\u00fcm \u00e7evrimi\u00e7i bankac\u0131l\u0131k \u015fifrelerini de\u011fi\u015ftirmek gerekli olabilir.<\/p>\n<h2>Benzer K\u00f6t\u00fc Ama\u00e7l\u0131 Yaz\u0131l\u0131mlarla Kar\u015f\u0131la\u015ft\u0131rmalar<\/h2>\n<p>Dyreza, Zeus ve Bebloh gibi di\u011fer bankac\u0131l\u0131k Truva atlar\u0131yla bir\u00e7ok \u00f6zelli\u011fi payla\u015f\u0131yor. Hepsi taray\u0131c\u0131daki adam sald\u0131r\u0131lar\u0131n\u0131 kullan\u0131yor, web i\u00e7eri\u011fini de\u011fi\u015ftirmek i\u00e7in web enjeksiyonlar\u0131n\u0131 kullan\u0131yor ve esas olarak kimlik av\u0131 kampanyalar\u0131 yoluyla da\u011f\u0131t\u0131l\u0131yor. Ancak Dyreza, bankac\u0131l\u0131k Truva atlar\u0131 aras\u0131nda yayg\u0131n bir \u00f6zellik olmayan SSL \u015fifrelemesini atlama yetene\u011fiyle \u00f6ne \u00e7\u0131k\u0131yor.<\/p>\n<table>\n<thead>\n<tr>\n<th style=\"text-align: center;\">K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m<\/th>\n<th style=\"text-align: center;\">Taray\u0131c\u0131daki Adam<\/th>\n<th style=\"text-align: center;\">Web enjeksiyonlar\u0131<\/th>\n<th style=\"text-align: center;\">SSL Atlamas\u0131<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align: center;\">Dyreza<\/td>\n<td style=\"text-align: center;\">Evet<\/td>\n<td style=\"text-align: center;\">Evet<\/td>\n<td style=\"text-align: center;\">Evet<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">Zeus<\/td>\n<td style=\"text-align: center;\">Evet<\/td>\n<td style=\"text-align: center;\">Evet<\/td>\n<td style=\"text-align: center;\">HAYIR<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: center;\">Bebloh<\/td>\n<td style=\"text-align: center;\">Evet<\/td>\n<td style=\"text-align: center;\">Evet<\/td>\n<td style=\"text-align: center;\">HAYIR<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Dyreza ile \u0130lgili Gelecek Perspektifleri ve Teknolojiler<\/h2>\n<p>Siber su\u00e7lular daha karma\u015f\u0131k hale geldik\u00e7e Dyreza gibi bankac\u0131l\u0131k Truva Atlar\u0131 tehdidi de geli\u015fmeye devam ediyor. Gelecekteki siber g\u00fcvenlik teknolojisi muhtemelen bu tehditlerin erken tespitini geli\u015ftirmeye ve kimlik av\u0131 e-postalar\u0131n\u0131 ve di\u011fer sald\u0131r\u0131 vekt\u00f6rlerini tan\u0131mlamaya y\u00f6nelik teknikleri geli\u015ftirmeye odaklanacak.<\/p>\n<p>Makine \u00f6\u011frenimi ve yapay zeka, bir tehdide i\u015faret edebilecek kal\u0131plar\u0131 ve anormallikleri tan\u0131mlama yetenekleri nedeniyle siber g\u00fcvenlikte giderek daha fazla kullan\u0131l\u0131yor. Bu teknolojiler, Dyreza gibi tehditlerin gelecekteki evrimiyle m\u00fccadelede hayati \u00f6nem ta\u015f\u0131yabilir.<\/p>\n<h2>Dyreza ile Proxy Sunucular\u0131 Birli\u011fi<\/h2>\n<p>Proxy sunucular\u0131 genellikle Dyreza gibi k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar taraf\u0131ndan komuta ve kontrol sunucular\u0131yla ileti\u015fimlerini gizlemek i\u00e7in kullan\u0131l\u0131r. Siber su\u00e7lular, trafi\u011fi birden fazla proxy \u00fczerinden y\u00f6nlendirerek konumlar\u0131n\u0131 gizleyebilir ve trafiklerinin izlenmesini zorla\u015ft\u0131rabilir.<\/p>\n<p>Di\u011fer taraftan proxy sunucular da \u00e7\u00f6z\u00fcm\u00fcn bir par\u00e7as\u0131 olabilir. \u00d6rne\u011fin, bilinen k\u00f6t\u00fc ama\u00e7l\u0131 IP adreslerini engelleyecek veya \u015f\u00fcpheli trafik d\u00fczenlerini tespit edip engelleyecek \u015fekilde yap\u0131land\u0131r\u0131labilirler; bu da onlar\u0131 g\u00fc\u00e7l\u00fc bir siber g\u00fcvenlik stratejisinin de\u011ferli bir par\u00e7as\u0131 haline getirir.<\/p>\n<h2>\u0130lgili Ba\u011flant\u0131lar<\/h2>\n<p>Dyreza ve buna kar\u015f\u0131 nas\u0131l korunaca\u011f\u0131n\u0131z hakk\u0131nda daha fazla bilgi i\u00e7in a\u015fa\u011f\u0131daki kaynaklar\u0131 ziyaret edebilirsiniz:<\/p>\n<ul>\n<li><a href=\"https:\/\/cofense.com\/dyre-banking-trojan-not-zeus-or-really-close-relative\/\" target=\"_new\" rel=\"noopener nofollow\">PhishMe&#039;nin Dyreza hakk\u0131ndaki orijinal analizi<\/a><\/li>\n<li><a href=\"https:\/\/www.symantec.com\/security-center\/writeup\/2014-061923-2821-99\" target=\"_new\" rel=\"noopener nofollow\">Symantec&#039;in Dyreza hakk\u0131ndaki yaz\u0131s\u0131<\/a><\/li>\n<li><a href=\"https:\/\/malware.dontneedcoffee.com\/2014\/06\/dyre-za.html\" target=\"_new\" rel=\"noopener nofollow\">Dyreza&#039;n\u0131n i\u015flevselli\u011finin ayr\u0131nt\u0131l\u0131 bir d\u00f6k\u00fcm\u00fc<\/a><\/li>\n<li><a href=\"https:\/\/www.accenture.com\/us-en\/blogs\/cyber-defense\/banking-trojan-dyre-or-dyreza\" target=\"_new\" rel=\"noopener nofollow\">Bankac\u0131l\u0131k Truva Atlar\u0131na kar\u015f\u0131 koruma rehberi<\/a><\/li>\n<\/ul>","protected":false},"featured_media":477030,"menu_order":0,"template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"class_list":["post-477029","wiki","type-wiki","status-publish","has-post-thumbnail","hentry"],"acf":{"faq_title":"Frequently Asked Questions about <mark>Dyreza: A Deep Dive into the Banking Trojan<\/mark>","faq_items":[{"question":"What is Dyreza?","answer":"<p>Dyreza, also known as Dyre, is a type of malware, specifically a banking Trojan, that targets online banking transactions to steal sensitive financial information. This Trojan is known for its ability to bypass SSL encryption.<\/p>"},{"question":"When was Dyreza first mentioned?","answer":"<p>Dyreza first came to light in 2014 when it was discovered by cybersecurity researchers at PhishMe. The Trojan was found in a sophisticated phishing campaign that tricked victims into downloading and running the malware.<\/p>"},{"question":"How does Dyreza work?","answer":"<p>Dyreza works by infiltrating a user's computer, typically through a phishing email. Once installed, it waits until the user navigates to a banking website and activates to start capturing sensitive data. It can also bypass SSL encryption, allowing it to read and manipulate encrypted web traffic.<\/p>"},{"question":"What are some key features of Dyreza?","answer":"<p>Key features of Dyreza include the ability to bypass SSL encryption, carry out man-in-the-browser attacks, use webinjects to alter the content of web pages, and employ a multi-vector approach for infiltration.<\/p>"},{"question":"Are there different types of Dyreza?","answer":"<p>There aren't different types of Dyreza per se, but different versions or campaigns have been observed, which differ in their attack vectors, targets, and specific techniques.<\/p>"},{"question":"How can one protect themselves from Dyreza?","answer":"<p>Protection against Dyreza involves robust cybersecurity practices such as maintaining up-to-date antivirus software, educating users about the dangers of phishing, and employing intrusion detection systems. If infection is suspected, it's crucial to disconnect the machine from the network and clean the system using a reliable antivirus tool.<\/p>"},{"question":"How does Dyreza compare to other similar malware like Zeus and Bebloh?","answer":"<p>Dyreza, Zeus, and Bebloh all use man-in-the-browser attacks and webinjects, and are primarily spread through phishing campaigns. However, Dyreza distinguishes itself with its ability to bypass SSL encryption, a feature not common among other banking Trojans.<\/p>"},{"question":"How are proxy servers associated with Dyreza?","answer":"<p>Proxy servers can be used by malware like Dyreza to hide their communication with command-and-control servers. However, they can also be part of the solution, as they can be configured to block known malicious IP addresses or to detect and block suspicious traffic patterns.<\/p>"},{"question":"What are some future perspectives and technologies related to Dyreza?","answer":"<p>The threat of banking Trojans like Dyreza continues to evolve as cybercriminals become more sophisticated. Future technologies in cybersecurity, like machine learning and AI, may prove crucial in combating threats like Dyreza by improving early detection and refining techniques for identifying phishing emails and other attack vectors.<\/p>"}]},"_links":{"self":[{"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/wiki\/477029","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/wiki"}],"about":[{"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/types\/wiki"}],"version-history":[{"count":0,"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/wiki\/477029\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/media\/477030"}],"wp:attachment":[{"href":"https:\/\/oneproxy.pro\/tr\/wp-json\/wp\/v2\/media?parent=477029"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}