{"id":11208,"date":"2026-06-22T07:43:01","date_gmt":"2026-06-22T07:43:01","guid":{"rendered":"https:\/\/bitep.net\/blog\/2026\/06\/22\/microsoft-crypto-clipper-usb-drive-kriptovalyuta-backdoor-2026\/"},"modified":"2026-06-22T07:43:01","modified_gmt":"2026-06-22T07:43:01","slug":"microsoft-crypto-clipper-usb-drive-kriptovalyuta-backdoor-2026","status":"publish","type":"post","link":"https:\/\/bitep.net\/blog\/2026\/06\/22\/microsoft-crypto-clipper-usb-drive-kriptovalyuta-backdoor-2026\/","title":{"rendered":"Microsoft Crypto Clipper: USB Drive-lardan Yay\u0131lan Yeni Kriptovalyuta O\u011furlayan Backdoor (2026)"},"content":{"rendered":"<p>Microsoft-un T\u0259hl\u00fck\u0259sizlik T\u0259dqiqatlar\u0131 Komandas\u0131 yeni v\u0259 t\u0259hl\u00fck\u0259li self-propagating malware a\u015fkar edib. &#8220;Crypto Clipper&#8221; adlanan bu worm, USB drive-lar \u00fcz\u0259rind\u0259n yay\u0131l\u0131r, istifad\u0259\u00e7il\u0259rin clipboard m\u0259lumatlar\u0131n\u0131 izl\u0259yir v\u0259 kriptovalyuta wallet addressl\u0259rini o\u011furlay\u0131b onlar\u0131 attacker-in wallet-l\u0259ri il\u0259 \u0259v\u0259z edir. Bu, sad\u0259 bir clipboard o\u011furlu\u015fu deyil \u2014Tor \u015f\u0259b\u0259k\u0259si \u00fcz\u0259rind\u0259n i\u015fl\u0259y\u0259n tam funksional backdoor-dur.<\/p>\n<p>X\u0259b\u0259r 18 \u0130yun 2026 tarixind\u0259 Ars Technica t\u0259r\u0259find\u0259n Microsoft-un r\u0259smi a\u00e7\u0131qlamas\u0131na \u0259sas\u0259n yay\u0131mland\u0131. Microsoft malware-\u0131 &#8220;Crypto Clipper&#8221; adland\u0131rd\u0131 v\u0259 onu &#8220;lightweight, script-based stealer&#8221; kimi t\u0259svir etdi, amma onun funksional \u043f\u0440\u0435\u0434\u044a\u044f\u0432l\u0259ri \u2014 Tor, SOCKS5 proxy, USB yay\u0131lma v\u0259 address swapping \u2014 onu adi clipboard stealer-d\u0259n xeyli daha t\u0259hl\u00fck\u0259li edir. Bu malware-\u0131n k\u0259\u015ffi, USB vasit\u0259sil\u0259 yay\u0131lan threat-l\u0259rin h\u0259l\u0259 d\u0259 aktual oldu\u011funu v\u0259 daha inki\u015faf etmi\u015f anti-detection texnikalar\u0131 istifad\u0259 etdikl\u0259rini g\u00f6st\u0259rir.<\/p>\n<h2>Bu x\u0259b\u0259r\/m\u00f6vzu n\u0259dir?<\/h2>\n<p>Crypto Clipper, Microsoft-un Thursday a\u00e7\u0131qlamas\u0131na g\u00f6r\u0259, yeni k\u0259\u015ff edilmi\u015f self-propagating malware-d\u0131r. Bu worm USB drive-lar vasit\u0259sil\u0259 yay\u0131l\u0131r \u2014 yolUXmu\u015f bir USB drive kompyuter\u0259 qo\u015fulduqda, .lnk fayllar\u0131 adlanan q\u0131sa yollar vasit\u0259sil\u0259 \u00f6z\u00fcn\u00fc yeni kompyuter\u0259 install edir. .lnk fayllar\u0131 executable kod saxlay\u0131r v\u0259 istifad\u0259\u00e7i onlara klik etdikd\u0259\u6076\u610f kod i\u015f\u0259 d\u00fc\u015f\u00fcr.<\/p>\n<p>Malware i\u015f\u0259 d\u00fc\u015fd\u00fckd\u0259n sonra bir ne\u00e7\u0259 \u015fey edir. Birincisi, Clipboard-u izl\u0259yir \u2014 istifad\u0259\u00e7i kopyalad\u0131\u011f\u0131 h\u0259r \u015feyi yoxlay\u0131r. 12 v\u0259 ya 24 s\u00f6zl\u00fc seed phrase (kriptovalyuta wallet-l\u0259rin b\u0259rpa a\u00e7ar\u0131) v\u0259 ya wallet address tap\u0131rsa, d\u0259rhal 10 saniy\u0259 \u0259rzind\u0259 5 screenshot \u00e7\u0259kir. Sonra seed phrase v\u0259 ya wallet address-i, el\u0259c\u0259 d\u0259 screenshot-lar\u0131 Tor \u015f\u0259b\u0259k\u0259si \u00fcz\u0259rind\u0259n attacker-in serverin\u0259 g\u00f6nd\u0259rir. Tor,anonymous routing t\u0259min ed\u0259n protokoldur \u2014 traffic bird\u0259n \u00e7ox node-dan ke\u00e7ir v\u0259 he\u00e7 bir log h\u0259m g\u00f6nd\u0259r\u0259n, h\u0259m d\u0259 q\u0259bul ed\u0259n IP-ni eyni anda tutmur.<\/p>\n<p>Daha t\u0259hl\u00fck\u0259li olan is\u0259 budur: Crypto Clipper clipboard-da tapd\u0131\u011f\u0131 wallet address-l\u0259ri avtomatik olaraq attacker-in wallet address-l\u0259ri il\u0259 \u0259v\u0259z edir. Bu o dem\u0259kdirdir ki, istifad\u0259\u00e7i \u00f6z payment g\u00f6nd\u0259rm\u0259k ist\u0259y\u0259nd\u0259, \u0259slInd\u0259 pulu attacker-in wallet-in\u0259 g\u00f6nd\u0259rir. Bel\u0259likl\u0259, istifad\u0259\u00e7i payment-nin u\u011fursuz oldu\u011fundan x\u0259b\u0259rsiz olur, \u00e7\u00fcnki transaction u\u011furla tamamlan\u0131r \u2014 sad\u0259c\u0259 yanl\u0131\u015f \u00fcnvana. Microsoft bu malware-\u0131 &#8220;lightweight backdoor&#8221; adland\u0131r\u0131r, \u00e7\u00fcnki o, h\u0259m data o\u011furlu\u011fu, h\u0259m d\u0259 remote code execution bacar\u0131qlar\u0131na malikdir.<\/p>\n<h2>Niy\u0259 vacibdir?<\/h2>\n<p>Bu malware bir ne\u00e7\u0259 s\u0259b\u0259bd\u0259n vacibdir. Birincisi, o, USB drive vasit\u0259sil\u0259 yay\u0131l\u0131r \u2014 bu, 20 ild\u0259n b\u0259ri azald\u0131\u011f\u0131 d\u00fc\u015f\u00fcn\u00fcl\u0259n, amma h\u0259l\u0259 d\u0259 aktiv olan bir yay\u0131lma vektorudur. Bir ne\u00e7\u0259 ay \u0259rzind\u0259 h\u0259r hans\u0131 bir USB drive-un bir ne\u00e7\u0259 kompyuter\u0259 qo\u015fuldu\u011fu ist\u0259nil\u0259n biznes m\u00fchitind\u0259 bu t\u0259hl\u00fck\u0259 ciddi yay\u0131lma potensial\u0131na malikdir. \u0130ki kompyuter aras\u0131nda payla\u015fPhysicskan bir flash drive kifay\u0259tdir ki, h\u0259r ikisin\u0259 yoluxsun.<\/p>\n<p>\u0130kincisi, malware-\u0131n Tor istifad\u0259 etm\u0259si onu izl\u0259m\u0259k dem\u0259k olar ki, qeyri-m\u00fcmk\u00fcn edir. \u018fn\u0259n\u0259vi C2 (Command and Control) serverl\u0259ri IP \u00fcnvan\u0131 il\u0259 m\u00fc\u0259yy\u0259n edilir v\u0259 firewall t\u0259r\u0259find\u0259n bloklana bil\u0259r. Lakin Crypto Clipper portable Tor client istifad\u0259 edir v\u0259 traffic-i local SOCKS5 proxy-dan ke\u00e7irir. Bu o dem\u0259kdir ki, security team-l\u0259ri traffic-in malicious server\u0259 getdiyini g\u00f6r\u0259 bilm\u0259z, \u00e7\u00fcnki h\u0259r connection random Tor node-lar\u0131 vasit\u0259sil\u0259 ba\u015f verir.<\/p>\n<p>\u00dc\u00e7\u00fcnc\u00fcs\u00fc, clipboard \u0259v\u0259zetm\u0259 taktiki (address swapping) x\u00fcsusil\u0259 hiyl\u0259g\u0259rdi\u0131r. Kriptovalyuta transferl\u0259rind\u0259 address-l\u0259r uzun v\u0259 oxunaqs\u0131z oldu\u011fundan, istifad\u0259\u00e7il\u0259r ad\u0259t\u0259n address-i kopyalay\u0131b yap\u0131\u015fd\u0131r\u0131rlar. Malware clipboard-da address-i avtomatik \u0259v\u0259z edir v\u0259 istifad\u0259\u00e7i f\u0259rqin\u0259 varmadan pulu attacker-\u0259 g\u00f6nd\u0259rir. Kripto transferl\u0259ri geriqaytar\u0131la bilm\u0259z \u2014 blockchain transaction-lar\u0131 d\u0259yi\u015fdiril\u0259 bilm\u0259z. Bu o dem\u0259kdirdir ki, pulun bir d\u0259f\u0259 getdiyi yer\u0259 qay\u0131tmaz. V\u0259 seed phrase o\u011furlu\u011fu daha da bet\u0259rdir \u2014 attacker b\u00fct\u00fcn wallet-\u0259 tam n\u0259zar\u0259t \u0259ld\u0259 edir.<\/p>\n<h2>BITEP\/auditoriya \u00fc\u00e7\u00fcn n\u0259 dem\u0259kdir?<\/h2>\n<p>BITEP auditoriyas\u0131 \u0259sas\u0259n hosting v\u0259 VPS xidm\u0259tl\u0259ri il\u0259 maraqlanan IT m\u00fct\u0259x\u0259ssisl\u0259ri v\u0259 biznes sahibl\u0259ridir. Bu malware onlar \u00fc\u00e7\u00fcn iki c\u0259h\u0259td\u0259n t\u0259hl\u00fck\u0259lidir. Birincisi, server administratorlar\u0131 v\u0259 developer-l\u0259r tez-tez USB drive-lardan istifad\u0259 edirl\u0259r \u2014 config fayllar\u0131, installasiya paketl\u0259ri, backup-lar v\u0259 dig\u0259r m\u0259lumatlar \u00fc\u00e7\u00fcn. Bir yoluxmu\u015f USB drive, data center-in v\u0259 ya VPS administrator kompyuterinin yoluxmas\u0131na s\u0259b\u0259b ola bil\u0259r.<\/p>\n<p>\u0130kincisi, kriptovalyuta il\u0259 i\u015fl\u0259y\u0259n biznesl\u0259r \u2014 m\u0259s\u0259l\u0259n, crypto payment q\u0259bul ed\u0259n e-ticar\u0259t saytlar\u0131 v\u0259 ya crypto exchange operasiyalar\u0131 \u2014 clipboard \u0259v\u0259zetm\u0259 h\u00fccumlar\u0131na x\u00fcsusil\u0259 h\u0259ssasd\u0131rlar. Administrator bir wallet-d\u0259n dig\u0259rin\u0259 transfer ed\u0259rk\u0259n, clipboard-dak\u0131 address avtomatik \u0259v\u0259z olunarsa, minl\u0259rl\u0259 v\u0259 ya million dollar itiril\u0259 bil\u0259r. Bu, h\u0259r hans\u0131 bir kripto il\u0259 i\u015fl\u0259y\u0259n biznes \u00fc\u00e7\u00fcn real riskdir.<\/p>\n<p>\u00dc\u00e7\u00fcnc\u00fcs\u00fc, VPS v\u0259 server m\u00fchitind\u0259 clipboard o\u011furlu\u011fu birba\u015fa t\u0259sir etm\u0259s\u0259 d\u0259, USB drive vasit\u0259sil\u0259 yay\u0131lma qabiliyy\u0259ti office m\u00fchitind\u0259 ciddi t\u0259hl\u00fck\u0259 yarad\u0131r. Administrator \u00f6z laptop-undan server-\u0259 SSH vasit\u0259sil\u0259 qo\u015fulduqda, \u0259g\u0259r laptop-da Crypto Clipper varsa, SSH key-l\u0259ri v\u0259 ya server credential-l\u0259ri clipboard-dan o\u011furlana bil\u0259r.<\/p>\n<h2>Praktik t\u0259siri n\u0259dir?<\/h2>\n<p>Praktik t\u0259siri real v\u0259 \u00f6l\u00e7\u00fcl\u0259 bil\u0259ndir. 2025-ci ild\u0259 Microsoft-un m\u0259lumat\u0131na g\u00f6r\u0259, ox\u015far clipboard-stealing malware-l\u0259r millionlarca dollar kriptovalyuta o\u011furlay\u0131b. Crypto Clipper x\u00fcsusil\u0259 t\u0259hl\u00fck\u0259lidir, \u00e7\u00fcnki o, yaln\u0131z address o\u011furlam\u0131r, h\u0259m d\u0259 address-i \u0259v\u0259z edir, bu da istifad\u0259\u00e7il\u0259rin transaction-\u0131n u\u011furlu oldu\u011funu d\u00fc\u015f\u00fcnm\u0259sin\u0259 s\u0259b\u0259b olur. Bir ne\u00e7\u0259 h\u0259ft\u0259 \u0259rzind\u0259 istifad\u0259\u00e7i onlarca transaction ed\u0259 bil\u0259r v\u0259 he\u00e7 birind\u0259n \u015f\u00fcbh\u0259l\u0259nm\u0259y\u0259 bil\u0259r.<\/p>\n<p>Real d\u00fcnya ssenarisind\u0259, t\u0259siri bel\u0259 olur: Bir kompyuzer m\u00fchitind\u0259 bir yoluxmu\u015f USB drive, bir h\u0259ft\u0259 \u0259rzind\u0259 10-15 kompyuter\u0259 yay\u0131la bil\u0259r. H\u0259r kompyuterd\u0259 bir ne\u00e7\u0259 istifad\u0259\u00e7i kripto wallet address-l\u0259ri il\u0259 i\u015fl\u0259yirs\u0259, attacker q\u0131sa m\u00fcdd\u0259td\u0259 onlarca wallet-\u0259 access \u0259ld\u0259 ed\u0259 bil\u0259r. Seed phrase o\u011furlu\u011fu is\u0259 bir wallet-d\u0259 olan b\u00fct\u00fcn fondlar\u0131n itirilm\u0259sin\u0259 s\u0259b\u0259b olur \u2014 v\u0259 bunu geri qaytarmaq m\u00fcmk\u00fcn deyil.<\/p>\n<p>Bundan \u0259lav\u0259, SOCKS5 proxy + Tor kombinasiyas\u0131 malware-\u0131n m\u00fc\u0259yy\u0259n edilm\u0259sini \u00e7\u0259tinl\u0259\u015fdirir. \u018fn\u0259n\u0259vi antivirus sisteml\u0259ri C2 server IP-l\u0259rin\u0259 baxaraq malware-\u0131 tap\u0131r, amma Tor olduqda bu metod i\u015fl\u0259mir. Bu, security team-l\u0259rinin behavioral analysis v\u0259 endpoint detection sisteml\u0259rini t\u0259tbiq etm\u0259sini t\u0259l\u0259b edir.<\/p>\n<p>Real d\u00fcnya ssenarisind\u0259 bu malware-\u0131n t\u0259siri geni\u015f vektorla yay\u0131lma potensial\u0131na malikdir. M\u0259s\u0259l\u0259n, bir office m\u00fchitind\u0259 bir yoluxmu\u015f USB drive bir ne\u00e7\u0259 kompyuter\u0259 qo\u015fula bil\u0259r \u2014 h\u0259r birind\u0259 .lnk fayl\u0131 \u00f6z\u00fcn\u00fc install edir. H\u0259r yoluxmu\u015f kompyuter, \u00f6z n\u00f6vb\u0259sind\u0259, ba\u015fqa USB drive-lar\u0131 da yoluxdurur. Bu, bir ne\u00e7\u0259 h\u0259ft\u0259 \u0259rzind\u0259 bir ne\u00e7\u0259 on kompyuter\u0259 yay\u0131lma ssenariyi reald\u0131r. Bir yoluxmu\u015f USB drive bir attachment vasit\u0259sil\u0259 d\u0259 g\u0259l\u0259 bil\u0259r \u2014 m\u0259s\u0259l\u0259n, bir i\u015f\u00e7i \u00f6z flash drive-nu conference-dak\u0131 po\u00e7t kompyuterl\u0259rind\u0259n birin\u0259 qo\u015fubsa, bu da yoluxucu olar. Bu yegan\u0259 yoluxmu\u015f drive, bir ew m\u00fcdd\u0259t sonra \u015firk\u0259tin b\u00fct\u00fcn \u015f\u0259b\u0259k\u0259sin\u0259 s\u0131zm\u0131\u015f ola bil\u0259r, v\u0259 bu, USB-l\u0259rin tez-tez n\u0259z\u0259r\u0259 al\u0131nmayan bir threat vector oldu\u011fu fakt\u0131n\u0131 bir daha t\u0259sdiq edir.<\/p>\n<h2>Diqq\u0259t edilm\u0259li m\u0259qamlar<\/h2>\n<p>Birincisi, USB drive-lardan ehtiyatl\u0131 istifad\u0259 edin. Production server-l\u0259rind\u0259 v\u0259 ya admin kompyuterl\u0259rind\u0259 bilinm\u0259y\u0259n USB drive-lar\u0131 qo\u015fmay\u0131n. Siyasi qayda olaraq, USB drive-lar yaln\u0131z trusted m\u0259nb\u0259l\u0259rd\u0259n q\u0259bul edilm\u0259li v\u0259 istifad\u0259d\u0259n \u0259vv\u0259l antivirus t\u0259r\u0259find\u0259n skan edilm\u0259lidir.<\/p>\n<p>\u0130kincisi, kripto wallet address-l\u0259rini yap\u0131\u015fd\u0131rd\u0131qdan sonra h\u0259mi\u015f\u0259 son bir ne\u00e7\u0259 simvolu yoxlay\u0131n. Address-i yap\u0131\u015fd\u0131rd\u0131qdan d\u0259rhal sonra, son 4-6 simvolu manual olaraq g\u00f6t\u00fcr\u00fcn v\u0259 \u0259sl wallet address il\u0259 m\u00fcqayis\u0259 edin. \u018fg\u0259r uy\u011fun g\u0259lmirs\u0259, clipboard-da malware ola bil\u0259r.<\/p>\n<p>\u00dc\u00e7\u00fcnc\u00fcs\u00fc, seed phrase-l\u0259ri he\u00e7 vaxt clipboard-a kopyalamay\u0131n. Seed phrase-l\u0259r yaln\u0131z offline yaz\u0131lmal\u0131 v\u0259 ya hardware wallet-da saxlanmal\u0131d\u0131r. \u018fg\u0259r seed phrase-i r\u0259q\u0259msal formatda saxlamaq laz\u0131md\u0131rsa, \u015fifrl\u0259nmi\u015f offline faylda v\u0259 ya password manager-da (clipboard monitoring-d\u0259n qorunan) saxlay\u0131n.<\/p>\n<p>D\u00f6rd\u00fcnc\u00fcs\u00fc, firewall-da SOCKS5 proxy traffic-ini izl\u0259yin. Crypto Clipper local SOCKS5 proxy istifad\u0259 edir \u2014 bu traffic-i network s\u0259viyy\u0259sind\u0259 a\u015fkar etm\u0259k m\u00fcmk\u00fcnd\u00fcr. \u018fg\u0259r kompyuterinizd\u0259 Tor traffic-i g\u00f6rm\u00fcrs\u00fcn\u00fczs\u0259 v\u0259 SOCKS5 proxy activity varsa, bu, malware-\u0131n i\u015fl\u0259diyin\u0259 i\u015far\u0259 ola bil\u0259r.<\/p>\n<p>Be\u015fincisi, endpoint protection solutions (EDR) istifad\u0259 edin. \u018fn\u0259n\u0259vi antivirus signature-based detection il\u0259 i\u015fl\u0259yir v\u0259 yeni malware-lar\u0131 tutmaqda z\u0259ifdir. EDR sisteml\u0259ri is\u0259 behavioral analysis edir \u2014 clipboard monitoring, SOCKS5 proxy yarad\u0131lmas\u0131 v\u0259 USB-d\u0259n .lnk fayl yaz\u0131lmas\u0131 kimi davran\u0131\u015flar\u0131 a\u015fkarlaya bil\u0259r.<\/p>\n<h2>N\u0259tic\u0259<\/h2>\n<p>Crypto Clipper, lightweight amma y\u00fcks\u0259k t\u0259sirli malware-\u0131n n\u00fcmun\u0259sidir. O, sad\u0259 bir clipboard o\u011furlu\u015fu deyil \u2014 Tor \u015f\u0259b\u0259k\u0259si, SOCKS5 proxy, USB yay\u0131lma v\u0259 address swapping kombinasiyas\u0131 il\u0259 tam funksional bir backdoor-dur. Microsoft-un a\u015fkarlamas\u0131 bu malware-\u0131n art\u0131q real d\u00fcnyada yay\u0131ld\u0131\u011f\u0131n\u0131 g\u00f6st\u0259rir. BITEP auditoriyas\u0131 \u00fc\u00e7\u00fcn bu, USB drive t\u0259hl\u00fck\u0259sizliyi, clipboard monitoring qorunmas\u0131 v\u0259 kripto wallet t\u0259hl\u00fck\u0259sizliyi kimi m\u00f6vzular\u0131n aktual oldu\u011funu bir daha t\u0259sdiql\u0259yir. Server v\u0259 VPS administratorlar\u0131 endpoint protection, behavioral detection v\u0259 USB siyas\u0259tl\u0259rini ciddi q\u0259bul etm\u0259lidirl\u0259r. Kriptovalyuta il\u0259 i\u015fl\u0259y\u0259n h\u0259r k\u0259s is\u0259 seed phrase-l\u0259ri exposure-d\u0259n qorumal\u0131 v\u0259 wallet address-l\u0259rini clipboard vasit\u0259sil\u0259 g\u00f6nd\u0259rm\u0259kd\u0259n \u00e7\u0259kinm\u0259lidir.<\/p>\n<p>G\u0259l\u0259c\u0259kd\u0259 bu tip malware-lar daha da inc\u0259l\u0259\u015f\u0259 v\u0259 geni\u015f yay\u0131la bil\u0259r. Microsoft-un researcher-l\u0259ri qeyd edir ki, &#8220;lightweight, script-based stealers&#8221;-in b\u00f6y\u00fck t\u0259sir ver\u0259 bilm\u0259si yeni bir malware trendin\u0259 i\u015far\u0259 edir. Security community \u00fc\u00e7\u00fcn bu, kiberm\u00fcharib\u0259nin yaln\u0131z b\u00f6y\u00fck malware-lara deyil, h\u0259m d\u0259 az \u00e7\u0259kiy\u0259 malik script-l\u0259rin b\u00f6y\u00fck z\u0259r\u0259r ver\u0259 bil\u0259c\u0259yi formala\u015fd\u0131\u011f\u0131n\u0131 g\u00f6st\u0259rir. H\u0259r IT m\u00fct\u0259x\u0259ssisi, EDR (Endpoint Detection and Response) sisteml\u0259rinin behavior-based analizl\u0259rin\u0259 \u00fcst\u00fcnl\u00fck verm\u0259li, USB drive-lar \u00fc\u00e7\u00fcn qrup siyas\u0259ti (Group Policy) t\u0259tbiq etm\u0259li, v\u0259 clipboard-dak\u0131 sensitive m\u0259lumatlar\u0131 monitorinq alt\u0131nda saxlamaq \u00fc\u00e7\u00fcn DLP (Data Loss Prevention) h\u0259ll\u0259ri n\u0259z\u0259rd\u0259n ke\u00e7irm\u0259lidir. T\u0259hl\u00fck\u0259sizlik bir m\u0259rh\u0259l\u0259lik yox, davaml\u0131 bir prosesdir v\u0259 Crypto Clipper kimi yeni threat-l\u0259r\u0259 adaptasiya olmaq \u00fc\u00e7\u00fcn daimi vigilance t\u0259l\u0259b edir.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft-un T\u0259hl\u00fck\u0259sizlik T\u0259dqiqatlar\u0131 Komandas\u0131 yeni v\u0259 t\u0259hl\u00fck\u0259li self-propagating malware a\u015fkar edib. &#8220;Crypto Clipper&#8221; adlanan bu worm, USB drive-lar \u00fcz\u0259rind\u0259n yay\u0131l\u0131r, istifad\u0259\u00e7il\u0259rin clipboard m\u0259lumatlar\u0131n\u0131 izl\u0259yir v\u0259 kriptovalyuta wallet addressl\u0259rini o\u011furlay\u0131b onlar\u0131 attacker-in wallet-l\u0259ri il\u0259 \u0259v\u0259z edir. Bu, sad\u0259 bir clipboard o\u011furlu\u015fu deyil \u2014Tor \u015f\u0259b\u0259k\u0259si \u00fcz\u0259rind\u0259n i\u015fl\u0259y\u0259n tam funksional backdoor-dur. X\u0259b\u0259r 18 \u0130yun 2026 tarixind\u0259 Ars Technica [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":11207,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[31,18],"tags":[],"class_list":["post-11208","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","category-technology"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/bitep.net\/blog\/wp-content\/uploads\/2026\/06\/microsoft-crypto-clipper-cover.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/posts\/11208","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/comments?post=11208"}],"version-history":[{"count":0,"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/posts\/11208\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/media\/11207"}],"wp:attachment":[{"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/media?parent=11208"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/categories?post=11208"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitep.net\/blog\/wp-json\/wp\/v2\/tags?post=11208"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}