{"id":15064,"date":"2026-02-07T09:04:49","date_gmt":"2026-02-07T06:04:49","guid":{"rendered":"https:\/\/www.inetmar.com\/blog\/?p=15064"},"modified":"2026-02-07T10:38:13","modified_gmt":"2026-02-07T07:38:13","slug":"notepad-hacklendi","status":"publish","type":"post","link":"https:\/\/www.inetmar.com\/blog\/notepad-hacklendi\/","title":{"rendered":"Notepad++ Hacklendi!"},"content":{"rendered":"<p>Yaz\u0131l\u0131m d\u00fcnyas\u0131n\u0131n en g\u00fcvenilir kalelerinden biri olan <strong>Notepad++<\/strong>\u00a02025 y\u0131l\u0131na yay\u0131lan ve son derece sofistike y\u00f6ntemlerle y\u00fcr\u00fct\u00fclen bir siber casusluk operasyonunun hedefi oldu. Projenin mimar\u0131 <strong>Don Ho<\/strong>, pop\u00fcler metin edit\u00f6r\u00fcn\u00fcn g\u00fcncelleme altyap\u0131s\u0131n\u0131n k\u00f6t\u00fc niyetli yaz\u0131l\u0131mlar da\u011f\u0131tmak amac\u0131yla manip\u00fcle edildi\u011fini resmen do\u011frulad\u0131.<\/p>\n<h2>Sald\u0131r\u0131 Nas\u0131l Ger\u00e7ekle\u015fti?<\/h2>\n<p>Yap\u0131lan teknik incelemeler, sald\u0131r\u0131n\u0131n rastgele bir hacker giri\u015fimi de\u011fil, cerrahi bir titizlikle y\u00fcr\u00fct\u00fclen bir <strong>tedarik zinciri sald\u0131r\u0131s\u0131<\/strong> oldu\u011funu g\u00f6steriyor.<\/p>\n<ul>\n<li><strong>Zaman Aral\u0131\u011f\u0131:<\/strong> Haziran &#8211; Aral\u0131k 2025.<\/li>\n<li><strong>Y\u00f6ntem:<\/strong> Notepad++ web sitesindeki bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlanan sald\u0131rganlar, g\u00fcncelleme talebi g\u00f6nderen kullan\u0131c\u0131lar\u0131n bir k\u0131sm\u0131n\u0131 kendi zararl\u0131 sunucular\u0131na y\u00f6nlendirdi.<\/li>\n<li><strong>Hedef Kitle:<\/strong> Sald\u0131r\u0131 t\u00fcm kullan\u0131c\u0131lar\u0131 de\u011fil; \u00f6zellikle <strong>Do\u011fu Asya<\/strong> odakl\u0131 \u00e7al\u0131\u015fan stratejik kurumlar\u0131 hedef ald\u0131.<\/li>\n<\/ul>\n<h2>Failin Kimli\u011fi: &#8220;Lotus Blossom&#8221;<\/h2>\n<p>G\u00fcvenlik devi <strong>Rapid7<\/strong> taraf\u0131ndan yap\u0131lan analizler, oklar\u0131 \u00c7in h\u00fck\u00fcmetiyle ba\u011flant\u0131l\u0131 oldu\u011fu iddia edilen <strong>Lotus Blossom<\/strong> grubuna \u00e7eviriyor. Ge\u00e7mi\u015fte havac\u0131l\u0131k, telekom ve kritik devlet altyap\u0131lar\u0131na y\u00f6nelik operasyonlar\u0131yla tan\u0131nan bu grubun, Notepad++ \u00fczerinden elde etti\u011fi eri\u015fimle uzun s\u00fcreli bir istihbarat faaliyeti y\u00fcr\u00fctt\u00fc\u011f\u00fc tahmin ediliyor.<\/p>\n<blockquote><p><strong>Kritik Not:<\/strong> G\u00fcvenlik ara\u015ft\u0131rmac\u0131s\u0131 Kevin Beaumont, enfekte olan s\u00fcr\u00fcmlerin sald\u0131rganlara do\u011frudan sistem kontrol\u00fc sa\u011flad\u0131\u011f\u0131n\u0131 ve bu durumun kurumsal a\u011flar i\u00e7in &#8220;arka kap\u0131&#8221; anlam\u0131na geldi\u011fini belirtti.<\/p><\/blockquote>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-15067 aligncenter\" src=\"https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2026\/02\/notepad.png\" alt=\"\" width=\"772\" height=\"422\" srcset=\"https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2026\/02\/notepad.png 1625w, https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2026\/02\/notepad-300x164.png 300w, https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2026\/02\/notepad-1024x560.png 1024w, https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2026\/02\/notepad-768x420.png 768w, https:\/\/www.inetmar.com\/blog\/wp-content\/uploads\/2026\/02\/notepad-1536x839.png 1536w\" sizes=\"auto, (max-width: 772px) 100vw, 772px\" \/><\/p>\n<h2>SolarWinds Vakas\u0131 Tekerr\u00fcr m\u00fc Ediyor?<\/h2>\n<p>Uzmanlar bu olay\u0131, 2020&#8217;de ABD devlet kurumlar\u0131n\u0131 sarsan <strong>SolarWinds<\/strong> felaketine benzetiyor. Her iki vakada da sald\u0131rganlar, yaz\u0131l\u0131m\u0131n kendisine sald\u0131rmak yerine, yaz\u0131l\u0131m\u0131n kullan\u0131c\u0131ya ula\u015ft\u0131\u011f\u0131 &#8220;g\u00fcvenli kanal\u0131&#8221; (g\u00fcncelleme mekanizmas\u0131n\u0131) zehirlemeyi tercih etti.<\/p>\n<table border=\"1\">\n<thead>\n<tr>\n<th>Detay<\/th>\n<th>Durum<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>G\u00fcvenlik A\u00e7\u0131\u011f\u0131<\/strong><\/td>\n<td>Kas\u0131m 2025&#8217;te kapat\u0131ld\u0131.<\/td>\n<\/tr>\n<tr>\n<td><strong>Eri\u015fim Engeli<\/strong><\/td>\n<td>Aral\u0131k ba\u015f\u0131nda sald\u0131rganlar sistemden at\u0131ld\u0131.<\/td>\n<\/tr>\n<tr>\n<td><strong>Geli\u015ftirici Yan\u0131t\u0131<\/strong><\/td>\n<td>Don Ho \u00f6z\u00fcr dileyerek yaln\u0131zca resmi ve g\u00fcncel s\u00fcr\u00fcmlerin kullan\u0131lmas\u0131n\u0131 \u00f6nerdi.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Kullan\u0131c\u0131lar Ne Yapmal\u0131?<\/h2>\n<p>E\u011fer sisteminizde Notepad++ y\u00fckl\u00fcyse, yaz\u0131l\u0131m\u0131n <strong>en g\u00fcncel s\u00fcr\u00fcm\u00fcne<\/strong> sahip oldu\u011funuzdan emin olun. Geli\u015ftirici ekip, eski a\u00e7\u0131\u011f\u0131n kapat\u0131ld\u0131\u011f\u0131n\u0131 ve yeni giri\u015fimlerin engellendi\u011fini belirtse de, kurumsal cihazlarda tam bir g\u00fcvenlik taramas\u0131 yap\u0131lmas\u0131 tavsiye ediliyor.<\/p>\n<p><strong>Kaynak:<\/strong> notepad-plus-plus.org<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yaz\u0131l\u0131m d\u00fcnyas\u0131n\u0131n en g\u00fcvenilir kalelerinden biri olan Notepad++\u00a02025 y\u0131l\u0131na yay\u0131lan ve son derece sofistike y\u00f6ntemlerle y\u00fcr\u00fct\u00fclen bir siber casusluk operasyonunun hedefi oldu. Projenin mimar\u0131 Don Ho, pop\u00fcler metin edit\u00f6r\u00fcn\u00fcn g\u00fcncelleme altyap\u0131s\u0131n\u0131n k\u00f6t\u00fc niyetli yaz\u0131l\u0131mlar da\u011f\u0131tmak&#46;&#46;&#46;<\/p>\n","protected":false},"author":2,"featured_media":15065,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[52],"tags":[],"class_list":["post-15064","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guvenlik"],"_links":{"self":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/15064","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/comments?post=15064"}],"version-history":[{"count":2,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/15064\/revisions"}],"predecessor-version":[{"id":15068,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/posts\/15064\/revisions\/15068"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/media\/15065"}],"wp:attachment":[{"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/media?parent=15064"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/categories?post=15064"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inetmar.com\/blog\/wp-json\/wp\/v2\/tags?post=15064"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}