{"id":10825,"date":"2022-07-05T15:06:27","date_gmt":"2022-07-05T12:06:27","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10825"},"modified":"2022-07-05T15:06:27","modified_gmt":"2022-07-05T12:06:27","slug":"phishing-qr-code-attack-on-qq-users","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/phishing-qr-code-attack-on-qq-users\/10825\/","title":{"rendered":"QQ kullan\u0131c\u0131lar\u0131na QR kodlu kimlik av\u0131 sald\u0131r\u0131s\u0131"},"content":{"rendered":"

G\u00fcn\u00fcm\u00fczde insanlar g\u00fcvenilir olmayan kaynaklardan e-posta veya mesajlarla gelen ba\u011flant\u0131lara t\u0131klaman\u0131n iyi bir fikir olmad\u0131\u011f\u0131n\u0131n fark\u0131nda. Ancak i\u015f QR kod taramaya gelince pek \u00e7ok ki\u015fi daha ihmalkar davranabiliyor. Asl\u0131nda QR kodlar daha tehlikeli bile olabilir; bir ba\u011flant\u0131ya t\u0131klamadan \u00f6nce ba\u011flant\u0131da ne yazd\u0131\u011f\u0131n\u0131 kontrol edebiliyorsunuz, QR kodlarda ise b\u00f6yle bir \u015fans\u0131n\u0131z yok. Dolay\u0131s\u0131yla \u00c7in\u2019deki bu QR kodlu kimlik av\u0131 hikayesi \u00e7ok da \u015fa\u015f\u0131rt\u0131c\u0131 de\u011fil.<\/p>\n

Ne oldu?<\/h2>\n

Ge\u00e7ti\u011fimiz g\u00fcn, bilinmeyen baz\u0131 siber su\u00e7lular\u0131n oyunlara \u00fccretsiz giri\u015f sunan kimlik av\u0131 QR kodlar\u0131 yayd\u0131\u011f\u0131, ard\u0131ndan da bu QR kodlar\u0131 kullanarak QQ mesajla\u015fma ve sosyal medya platformundaki baz\u0131 hesaplar\u0131 ele ge\u00e7irdi\u011fi bildirildi<\/a>.<\/p>\n

QQ<\/a>, di\u011fer \u00fclkelerde pek bilinmese de \u00c7in\u2019de y\u00fcz milyonlarca aktif kullan\u0131c\u0131ya sahip DEV bir platform. Platform sohbet, film izleme, blog ve oyun gibi \u00e7e\u015fitli servisler sunuyor. Bu yaz\u0131da bizi ilgilendiren oyun k\u0131sm\u0131. Platform \u00c7inli teknoloji devi Tencent taraf\u0131ndan geli\u015ftirildi.<\/p>\n

B\u00f6lgenin \u00f6zellikleri nedeniyle sald\u0131r\u0131n\u0131n tam olarak nas\u0131l ba\u015flad\u0131\u011f\u0131n\u0131 ve ka\u00e7 hesab\u0131n \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 anlamak zor. Ancak olay, Tencent\u2019in Sina Weibo\u2019da (Twitter\u2019\u0131n \u00c7in versiyonu) bir \u00f6z\u00fcr metni yay\u0131nlamas\u0131n\u0131 gerektirecek kadar b\u00fcy\u00fck.<\/p>\n

Sald\u0131r\u0131 mekanizmas\u0131 az \u00e7ok ortada. Yukar\u0131da bahsetti\u011fimiz gibi, sald\u0131rganlar oyunlara \u00fccretsiz giri\u015f vadeden k\u00f6t\u00fc ama\u00e7l\u0131 QR kodlar yaym\u0131\u015f. Bu QR kodlar\u0131 taratan kullan\u0131c\u0131lardan QQ hesaplar\u0131yla kimlik do\u011frulamalar\u0131 isteniyor. Kullan\u0131c\u0131lar isteneni yapt\u0131\u011f\u0131nda sald\u0131rganlar kurbanlar\u0131n giri\u015f bilgilerini \u00e7al\u0131yor ve sonras\u0131nda bu hesaplar\u0131 kendi \u00e7\u0131karlar\u0131 do\u011frultusunda kullan\u0131yor. Sonu\u00e7 olarak bilinmeyen say\u0131da kullan\u0131c\u0131 QQ hesaplar\u0131na eri\u015fimi kaybetti.<\/p>\n

Durumdan haberdar olan Tencent, etkilenen hesaplara eri\u015fimi geri sa\u011flad\u0131. \u015eirket sald\u0131r\u0131 hakk\u0131nda daha fazla bilgiye ula\u015fmak i\u00e7in yerel yetkililerle birlikte \u00e7al\u0131\u015f\u0131yor.<\/p>\n

Kendinizi koruyun<\/h2>\n

Bu \u00f6rnek \u00c7in\u2019i etkilemi\u015f olsa da k\u00f6t\u00fc ama\u00e7l\u0131 QR kod tehdidi hafife al\u0131nmamal\u0131. \u00d6zellikle de Covid y\u00fcz\u00fcnden son y\u0131llarda QR kod kullan\u0131m\u0131 bu kadar yayg\u0131nla\u015fm\u0131\u015fken. \u0130\u015fi \u015fansa b\u0131rakmamak i\u00e7in QR kodlar\u0131 tararken Kaspersky QR Scanner kullan\u0131n (hem Android<\/a> hem de iOS<\/a> i\u00e7in mevcut). Kod tehlikeli bir siteye y\u00f6nlendiriyorsa uygulama sizi uyaracakt\u0131r.<\/p>\n\n","protected":false},"excerpt":{"rendered":"

Doland\u0131r\u0131c\u0131lar QR kodlu kimlik av\u0131 sald\u0131r\u0131s\u0131yla nas\u0131l QQ hesaplar\u0131n\u0131 ele ge\u00e7irdi<\/p>\n","protected":false},"author":2684,"featured_media":10828,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[1074,963,586,2560],"class_list":{"0":"post-10825","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-kimlik-avi","9":"tag-oyun","10":"tag-oyunlar","11":"tag-qr-kodlar"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/phishing-qr-code-attack-on-qq-users\/10825\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/phishing-qr-code-attack-on-qq-users\/24327\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/19794\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/9993\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/26690\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/phishing-qr-code-attack-on-qq-users\/24628\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/25002\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/phishing-qr-code-attack-on-qq-users\/27357\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/phishing-qr-code-attack-on-qq-users\/27011\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/phishing-qr-code-attack-on-qq-users\/33433\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/phishing-qr-code-attack-on-qq-users\/44767\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/phishing-qr-code-attack-on-qq-users\/19114\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/phishing-qr-code-attack-on-qq-users\/19666\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/phishing-qr-code-attack-on-qq-users\/32592\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/phishing-qr-code-attack-on-qq-users\/28350\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/phishing-qr-code-attack-on-qq-users\/25182\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/phishing-qr-code-attack-on-qq-users\/30691\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/phishing-qr-code-attack-on-qq-users\/30440\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/qr-kodlar\/","name":"QR kodlar"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10825","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2684"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10825"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10825\/revisions"}],"predecessor-version":[{"id":10829,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10825\/revisions\/10829"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10828"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10825"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10825"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10825"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}