{"id":14,"date":"2025-10-19T19:05:38","date_gmt":"2025-10-19T19:05:38","guid":{"rendered":"https:\/\/mobisec.uz\/index.php\/2025\/10\/19\/blog-2\/"},"modified":"2025-10-20T12:26:27","modified_gmt":"2025-10-20T12:26:27","slug":"blog-2","status":"publish","type":"post","link":"https:\/\/mobisec.uz\/index.php\/2025\/10\/19\/blog-2\/","title":{"rendered":"&#171;Clayrat&#187; josus dasturi aniqlandi"},"content":{"rendered":"<p>Josus dastur o&#8217;zini telegram, instagram va xattoki whatsapp ilovasi sifatida ko&#8217;rsata oladi.<\/p>\n\n\n<p class=\"wp-block-paragraph\">Android uchun yangi josuslik dasturi o\u02bbzini mashhur ilovalar va xizmatlar, jumladan WhatsApp, Google Photos, TikTok va YouTube sifatida yashiradi. ClayRat rus foydalanuvchilariga mo&#8217;ljallangan va Telegram kanallari va fishing veb-saytlari orqali tarqatiladi. Zararli dastur SMS-xabarlarni, qo\u2018ng\u2018iroqlar jurnallarini, bildirishnomalarni o\u2018g\u2018irlaydi, kameradan suratga oladi va hatto jabrlanuvchining o\u2018zini ko\u2018rsatuvchi qo\u2018ng\u2018iroqlarni ham amalga oshirishi mumkin.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"906\" height=\"582\" src=\"https:\/\/mobisec.uz\/wp-content\/uploads\/2025\/10\/image-1.png\" alt=\"\" class=\"wp-image-91\" style=\"width:758px;height:auto\" srcset=\"https:\/\/mobisec.uz\/wp-content\/uploads\/2025\/10\/image-1.png 906w, https:\/\/mobisec.uz\/wp-content\/uploads\/2025\/10\/image-1-300x193.png 300w, https:\/\/mobisec.uz\/wp-content\/uploads\/2025\/10\/image-1-768x493.png 768w\" sizes=\"auto, (max-width: 906px) 100vw, 906px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Zimperium tadqiqotchilari atigi uch oy ichida ushbu zararli dasturning 600 dan ortiq namunalarini va 50 ta turli tomchilarni topdilar.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Shuningdek, ClayRat o\u02bbzining boshqaruv serveri bilan bog\u02bblanadi (so\u02bbnggi versiyalarda trafik AES\u2011GCM yordamida shifrlanadi), undan so\u02bbng u qo\u02bbllab\u2011quvvatlanadigan o\u02bbn ikki buyruqdan birini bajarishga tayyor:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>get_apps_list<\/strong> \u2014 o\u02bbrnatilgan ilovalar ro\u02bbyxatini boshqaruv serveriga yuborish;<\/li>\n\n\n\n<li><strong>get_calls<\/strong> \u2014 qo\u02bbng\u02bbiroqlar jurnalini olish;<\/li>\n\n\n\n<li><strong>get_camera<\/strong> \u2014 old (selfi) kameradan surat olib serverga yuborish;<\/li>\n\n\n\n<li><strong>get_sms_list<\/strong> \u2014 SMS-xabarlarni olish;<\/li>\n\n\n\n<li><strong>messsms<\/strong> \u2014 kontaktlarning barchasiga ommaviy SMS tarqatish;<\/li>\n\n\n\n<li><strong>send_sms \/ make_call<\/strong> \u2014 qurilmadan SMS yuborish yoki qo\u02bbng\u02bbiroq amalga oshirish;<\/li>\n\n\n\n<li><strong>notifications \/ get_push_notifications<\/strong> \u2014 bildirishnomalar va push-xabarlarni ushlab olish;<\/li>\n\n\n\n<li><strong>get_device_info<\/strong> \u2014 qurilma haqida ma\u02bclumot yig\u02bbish;<\/li>\n\n\n\n<li><strong>get_proxy_data<\/strong> \u2014 proxy\u2011WebSocket URLini olish, qurilma ID sini qo\u02bbshish va ulanishni ishga tushirish (HTTP\/HTTPS ni WebSocket ga aylantiradi va vazifalarni rejalashtiradi);<\/li>\n\n\n\n<li><strong>retransmishion<\/strong> \u2014 boshqaruv serveridan olingan raqamga SMSni qayta yo\u02bbnaltirish.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Zimperium mutaxassislari Google-ga to\u02bbliq komprometatsiya indikatorlari ro\u02bbyxatini topshirgan, va hozirda Play Protect himoyasi ClayRat-ning ma\u02bclum hamda yangi variantlarini aniqlab bloklamoqda.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Josus dastur o&#8217;zini telegram, instagram va xattoki whatsapp ilovasi sifatida ko&#8217;rsata oladi. Android uchun yangi josuslik dasturi o\u02bbzini mashhur ilovalar va xizmatlar, jumladan WhatsApp, Google Photos, TikTok va YouTube sifatida yashiradi. ClayRat rus foydalanuvchilariga mo&#8217;ljallangan va Telegram kanallari va fishing veb-saytlari orqali tarqatiladi. Zararli dastur SMS-xabarlarni, qo\u2018ng\u2018iroqlar jurnallarini, bildirishnomalarni o\u2018g\u2018irlaydi, kameradan suratga oladi va hatto&#8230;<\/p>\n","protected":false},"author":1,"featured_media":116,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,8,5],"tags":[],"class_list":["post-14","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-android-ilovalari-kiberxavfsizligi","category-kiberxavfsizlik-insidentlari","category-zararli-dasturlar"],"_links":{"self":[{"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/posts\/14","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/comments?post=14"}],"version-history":[{"count":5,"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/posts\/14\/revisions"}],"predecessor-version":[{"id":119,"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/posts\/14\/revisions\/119"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/media\/116"}],"wp:attachment":[{"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/media?parent=14"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/categories?post=14"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mobisec.uz\/index.php\/wp-json\/wp\/v2\/tags?post=14"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}