{"id":107,"date":"2026-05-19T20:28:39","date_gmt":"2026-05-19T20:28:39","guid":{"rendered":"https:\/\/zehirteknoloji.com.tr\/blog\/?p=107"},"modified":"2026-05-19T20:28:42","modified_gmt":"2026-05-19T20:28:42","slug":"antivirusleri-cildirtan-hayalet-virusler-ve-akilalmaz-gizlenme-taktikleri","status":"publish","type":"post","link":"https:\/\/zehirteknoloji.com.tr\/blog\/antivirusleri-cildirtan-hayalet-virusler-ve-akilalmaz-gizlenme-taktikleri\/","title":{"rendered":"Antivir\u00fcsleri \u00c7\u0131ld\u0131rtan Hayalet Vir\u00fcsler ve Ak\u0131lalmaz Gizlenme Taktikleri"},"content":{"rendered":"\n

En Me\u015fhur Bilgisayar Vir\u00fcs\u00fc ve Antivir\u00fcsleri \u00c7\u0131ld\u0131rtan Gizlenme Taktikleri<\/h1>\n\n\n\n

Siber g\u00fcvenlik d\u00fcnyas\u0131nda \u00f6yle bir vir\u00fcs var ki, ad\u0131n\u0131 duydu\u011funuzda filmlerdeki o dahi su\u00e7lular akla gelir. Bug\u00fcn tek bir vir\u00fcs\u00fcn koca bir n\u00fckleer tesisi nas\u0131l fiziksel olarak patlatma noktas\u0131na getirdi\u011fini konu\u015faca\u011f\u0131z. Ama as\u0131l bomba konumuz ba\u015fka: Milyon dolarl\u0131k antivir\u00fcs yaz\u0131l\u0131mlar\u0131 bu vir\u00fcsleri neden bazen ruhu bile duymadan sistem i\u00e7eri al\u0131yor?<\/strong> Bu dijital hayaletler koruma kalkanlar\u0131ndan nas\u0131l saklan\u0131yor? Gelin, g\u00f6r\u00fcnmezlik pelerinini kald\u0131r\u0131p arkadaki deh\u015fet verici zekaya yak\u0131ndan bakal\u0131m.<\/p>\n\n\n\n

D\u00fcnyan\u0131n En Me\u015fhur Vir\u00fcs\u00fc: Stuxnet<\/h2>\n\n\n\n
\"\"<\/figure>\n\n\n\n

S\u00f6z konusu en me\u015fhur, en tehlikeli ve en ak\u0131ll\u0131 vir\u00fcs oldu\u011funda siber g\u00fcvenlik uzmanlar\u0131n\u0131n \u00f6n\u00fcnde sayg\u0131yla (!) e\u011fildi\u011fi tek bir isim var: Stuxnet<\/strong>.<\/p>\n\n\n\n

2010 y\u0131l\u0131nda ke\u015ffedilen Stuxnet, s\u0131radan bir hacker\u0131n evinde yazd\u0131\u011f\u0131 cinsten bir yaz\u0131l\u0131m de\u011fildi. Do\u011frudan devlet destekli (ABD ve \u0130srail ortakl\u0131\u011f\u0131 oldu\u011fu biliniyor) siber bir silaht\u0131. Hedefi ise \u00e7ok spesifikti: \u0130ran\u2019\u0131n Natanz n\u00fckleer tesisindeki uranyum zenginle\u015ftirme santrif\u00fcjleri.<\/p>\n\n\n\n

Verdi\u011fi Zarar: Yaz\u0131l\u0131mla Gelen Fiziksel Y\u0131k\u0131m<\/h3>\n\n\n\n

Stuxnet, internete ba\u011fl\u0131 olmayan, d\u0131\u015f d\u00fcnyaya tamamen kapal\u0131 bu tesise bir \u00e7al\u0131\u015fan\u0131n flash belle\u011fi (USB) \u00fczerinden s\u0131zd\u0131. \u0130\u00e7eri girdikten sonra aylarca sessizce bekledi. Santrif\u00fcjleri kontrol eden end\u00fcstriyel cihazlar\u0131n (PLC) yaz\u0131l\u0131m\u0131n\u0131 de\u011fi\u015ftirdi. Cihazlar\u0131 o kadar h\u0131zl\u0131 ve dengesiz d\u00f6nd\u00fcrd\u00fc ki, motorlar fiziksel olarak par\u00e7aland\u0131. \u0130\u015fin en korkun\u00e7 yan\u0131 neydi biliyor musunuz? Tesisin ana kumanda ekran\u0131ndaki m\u00fchendislere her \u015feyin “normal” oldu\u011funu g\u00f6steren sahte raporlar yolluyordu. M\u00fchendisler \u00e7aylar\u0131n\u0131 yudumlarken, arkadaki odada milyon dolarl\u0131k n\u00fckleer cihazlar kendi kendini yok ediyordu.<\/p>\n\n\n\n

\u0130\u015fte bu vir\u00fcs, dijital bir kodun ger\u00e7ek d\u00fcnyada fiziksel bir y\u0131k\u0131ma yol a\u00e7abilece\u011fini kan\u0131tlayan ilk me\u015fhur \u00f6rnektir.<\/p>\n\n\n\n

Antivir\u00fcsler Bu Vir\u00fcsleri Neden Fark Edemez?<\/h2>\n\n\n\n

“Yahu biz bu antivir\u00fcslere d\u00fcnya para \u00f6d\u00fcyoruz, nas\u0131l oluyor da bu zararl\u0131lar i\u00e7eri s\u0131z\u0131yor?” dedi\u011finizi duyar gibiyim. Hakl\u0131s\u0131n\u0131z. Ama antivir\u00fcslerin \u00e7al\u0131\u015fma mant\u0131\u011f\u0131 ile vir\u00fcs yazanlar\u0131n dehas\u0131 aras\u0131nda bitmek bilmeyen bir kedi-fare oyunu var.<\/p>\n\n\n\n

Antivir\u00fcsler temel olarak iki \u015fekilde \u00e7al\u0131\u015f\u0131r:<\/p>\n\n\n\n

    \n
  1. \u0130mza Tabanl\u0131 Tan\u0131ma:<\/strong> Vir\u00fcs\u00fcn “dijital parmak izini” veri taban\u0131ndaki sab\u0131kal\u0131lar listesiyle kar\u015f\u0131la\u015ft\u0131r\u0131r. E\u015fle\u015firse yakalar.<\/li>\n\n\n\n
  2. Sezgisel (Heuristic) Analiz:<\/strong> Program\u0131n hareketlerini inceler. \u015e\u00fcpheli davran\u0131yorsa (\u00f6rne\u011fin durup dururken sistem dosyalar\u0131n\u0131 de\u011fi\u015ftirmeye \u00e7al\u0131\u015f\u0131yorsa) engeller.<\/li>\n<\/ol>\n\n\n\n

    Peki, geli\u015fmi\u015f vir\u00fcsler bu iki baraj\u0131 nas\u0131l a\u015f\u0131yor? \u0130\u015fte kulland\u0131klar\u0131 o sinsi taktikler:<\/p>\n\n\n\n

    1. S\u0131f\u0131r\u0131nc\u0131 G\u00fcn (Zero-Day) A\u00e7\u0131klar\u0131<\/h3>\n\n\n\n

    Antivir\u00fcslerin veri taban\u0131nda sadece bilinen<\/em> vir\u00fcslerin imzalar\u0131 vard\u0131r. E\u011fer bir vir\u00fcs, i\u015fletim sisteminin (Windows gibi) \u00fcreticisi taraf\u0131ndan bile hen\u00fcz ke\u015ffedilmemi\u015f gizli bir a\u00e7\u0131\u011f\u0131 (Zero-Day) kullan\u0131yorsa, antivir\u00fcs ona bak\u0131p “Bu g\u00fcvenli bir program, sab\u0131kas\u0131 yok”<\/em> der ve kap\u0131y\u0131 a\u00e7ar. Stuxnet tam 4 tane s\u0131f\u0131r\u0131nc\u0131 g\u00fcn a\u00e7\u0131\u011f\u0131n\u0131 birden kullanm\u0131\u015ft\u0131!<\/p>\n\n\n\n

    2. \u015eekil De\u011fi\u015ftiren Kodlar (Polimorfizm)<\/h3>\n\n\n\n

    Vir\u00fcsler de evrim ge\u00e7iriyor. Polimorfik<\/strong> vir\u00fcsler, bir bilgisayardan di\u011ferine bula\u015f\u0131rken kendi kod yap\u0131s\u0131n\u0131 ve \u015fifrelemesini otomatik olarak de\u011fi\u015ftirir. Amac\u0131 ayn\u0131d\u0131r ama dijital parmak izi (imzas\u0131) her saniye de\u011fi\u015fti\u011fi i\u00e7in antivir\u00fcs\u00fcn sab\u0131ka kayd\u0131 taramas\u0131na tak\u0131lmaz. T\u0131pk\u0131 her banka soygunundan sonra y\u00fcz ameliyat\u0131 olan bir h\u0131rs\u0131z gibi!<\/p>\n\n\n\n

    3. “Faydal\u0131 Eleman” Maskesi (Truva At\u0131)<\/h3>\n\n\n\n

    Vir\u00fcs sisteme do\u011frudan “Ben vir\u00fcs\u00fcm” diye girmez. \u00c7ok pop\u00fcler bir oyunun crack dosyas\u0131, masum bir PDF faturas\u0131 veya hile program\u0131 gibi maskelenir. Kullan\u0131c\u0131 kendi eliyle o dosyaya “Y\u00f6netici \u0130zni” verdi\u011finde, antivir\u00fcs “Kullan\u0131c\u0131 buna izin verdi, demek ki bir bildi\u011fi var”<\/em> diyerek aradan \u00e7ekilir.<\/p>\n\n\n\n

    4. Bellekte Ya\u015fayan Hayaletler (Fileless Malware)<\/h3>\n\n\n\n

    Eski nesil vir\u00fcsler bilgisayar\u0131n sabit diskine bir dosya (\u00f6rne\u011fin virus.exe<\/code>) b\u0131rak\u0131rd\u0131. Antivir\u00fcs de diski taray\u0131p onu bulurdu. Modern vir\u00fcsler art\u0131k diske hi\u00e7 dokunmuyor. Do\u011frudan bilgisayar\u0131n ge\u00e7ici belle\u011fine (RAM) yerle\u015fiyorlar ve Windows’un kendi g\u00fcvenli ara\u00e7lar\u0131n\u0131n (PowerShell gibi) i\u00e7ine s\u0131z\u0131p oradan \u00e7al\u0131\u015f\u0131yorlar. Ortada taranacak bir “dosya” olmad\u0131\u011f\u0131 i\u00e7in antivir\u00fcsler bo\u015fa k\u00fcrek sall\u0131yor.<\/p>\n\n\n\n

    Bu G\u00f6r\u00fcnmez Tehlikelerden Nas\u0131l Korunaca\u011f\u0131z?<\/h2>\n\n\n\n

    Antivir\u00fcsler her zaman %100 koruma sa\u011flam\u0131yorsa yand\u0131k m\u0131? Hay\u0131r. Siber g\u00fcvenlikte savunma tek bir kaleyle yap\u0131lmaz, katmanl\u0131 yap\u0131l\u0131r.<\/p>\n\n\n\n

      \n
    • S\u0131f\u0131r G\u00fcven (Zero Trust) \u0130lkesi:<\/strong> Bilgisayar\u0131n\u0131za takaca\u011f\u0131n\u0131z hi\u00e7bir USB’ye, internetten indirdi\u011finiz hi\u00e7bir “\u00fccretsiz” yaz\u0131l\u0131ma g\u00fcvenmeyin. \u00d6zellikle i\u015f yerlerinde, kayna\u011f\u0131 belirsiz bellekleri bilgisayara do\u011frudan takmak dijital intihard\u0131r.<\/li>\n\n\n\n
    • Davran\u0131\u015fsal \u0130zleme \u00d6zelli\u011fi:<\/strong> Antivir\u00fcs se\u00e7erken sadece statik tarama yapanlar\u0131 de\u011fil; yapay zeka destekli, arka plandaki \u015f\u00fcpheli hareketleri (aniden binlerce dosyan\u0131n \u015fifrelenmeye ba\u015flanmas\u0131 gibi) anl\u0131k analiz eden EDR (Endpoint Detection and Response)<\/strong> \u00f6zellikli geli\u015fmi\u015f yaz\u0131l\u0131mlar\u0131 tercih edin.<\/li>\n\n\n\n
    • Yaz\u0131l\u0131mlar\u0131 G\u00fcncel Tutun:<\/strong> S\u0131f\u0131r\u0131nc\u0131 g\u00fcn a\u00e7\u0131klar\u0131 ke\u015ffedildi\u011fi an \u00fcreticiler yamalar yay\u0131nlar. Windows’u ve kulland\u0131\u011f\u0131n\u0131z taray\u0131c\u0131lar\u0131 g\u00fcncel tutmak, vir\u00fcslerin elindeki en b\u00fcy\u00fck kozu (a\u00e7\u0131klar\u0131) ellerinden almak demektir.<\/li>\n<\/ul>\n\n\n\n
      \n

      \u00d6zetle:<\/strong> En g\u00fc\u00e7l\u00fc antivir\u00fcs program\u0131 bile, ekran\u0131n ba\u015f\u0131nda oturan kullan\u0131c\u0131n\u0131n dikkati kadar g\u00fc\u00e7l\u00fcd\u00fcr. Dijital d\u00fcnyada \u015f\u00fcpheci olmak, sizi milyar dolarl\u0131k siber sald\u0131r\u0131lardan bile koruyabilir.<\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"

      En Me\u015fhur Bilgisayar Vir\u00fcs\u00fc ve Antivir\u00fcsleri \u00c7\u0131ld\u0131rtan Gizlenme Taktikleri Siber g\u00fcvenlik d\u00fcnyas\u0131nda \u00f6yle bir vir\u00fcs var ki, ad\u0131n\u0131 duydu\u011funuzda filmlerdeki...<\/p>\n","protected":false},"author":1,"featured_media":108,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[275,266,274,265,271,273,276,268,270,277,267,264,263,272,269],"class_list":["post-107","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji-genel","tag-antivirus-atlatma-teknikleri","tag-antiviruslerden-saklanan-virusler","tag-bellek-virusleri","tag-dunyanin-en-tehlikeli-virusu","tag-edr-guvenlik","tag-fileless-malware","tag-nukleer-tesis-siber-saldiri","tag-polimorfik-virus-nedir","tag-siber-guvenlik-tehditleri","tag-siber-savunma","tag-sifirinci-gun-acigi","tag-stuxnet-virusu","tag-teknoloji-blogu","tag-truva-ati-virusu","tag-zero-day-saldirisi"],"_links":{"self":[{"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/posts\/107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=107"}],"version-history":[{"count":1,"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/posts\/107\/revisions"}],"predecessor-version":[{"id":110,"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/posts\/107\/revisions\/110"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/media\/108"}],"wp:attachment":[{"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=107"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=107"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zehirteknoloji.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}