<h1>A half-billion-dollar crypto heist</h1>
<p>Published 2022-07-26 at <a href="https://www.kaspersky.com.tr/blog/sky-mavis-crypto-heist/10887/">https://www.kaspersky.com.tr/blog/sky-mavis-crypto-heist/10887/</a></p>
<p><em>We examine a major cryptocurrency theft carried out using spyware hidden inside a PDF.</em></p>
<p><a href="https://www.kaspersky.com.tr/blog/youtube-bitcoin-scam/10830/" target="_blank" rel="noopener">We often write about scams that promise people heaps of money</a> but in reality do the exact opposite and empty their pockets. Cybercriminals can likewise steal the money of entire companies by exploiting employees' greed or negligence.</p>
<p>That is exactly what happened to the Ronin Networks blockchain system created by Sky Mavis for the play-to-earn game <em>Axie Infinity</em>. A Sky Mavis employee downloading a PDF file with spyware hidden inside resulted in one of the largest cryptocurrency thefts of all time. The company lost 173,600 ETH and 25.5 million USDC (worth roughly 540 million USD at the time of the incident). We discuss the attack in detail and share tips on how you can protect yourself.</p>
<h2><em>Axie Infinity</em> and Ronin Networks in brief</h2>
<p><a href="https://axieinfinity.com/" target="_blank" rel="noopener nofollow">Axie Infinity</a> is an online video game in which players can earn cryptocurrency with the help of fantasy creatures called "axies" that can be "bred," used in competitions and sold to other players. The axies that players see as cute pets are, at their core, non-fungible tokens (NFTs).</p>
<p>Released in 2018, <em>Axie Infinity</em> quickly gained a large player base. At its peak, players could earn so much money that for some people in Southeast Asia it <a href="https://restofworld.org/2021/axie-infinity/" target="_blank" rel="noopener nofollow">became a full-time job</a>. At its record in November 2021 the game's daily player count was <a href="https://afkgaming.com/esports/news/report-axie-infinity-was-losing-player-count-even-before-the-crypto-hack" target="_blank" rel="noopener nofollow">2.7 million</a>, and last year its revenue reached <a href="https://www.theblock.co/linked/150320/pay-to-earn-game-axie-infinitys-revenue-continues-to-slide" target="_blank" rel="noopener nofollow">215 million USD per week</a> (though by the summer of 2022 it had fallen to just 1 million USD per week).</p>
<p>In the <em>Axie Infinity</em> ecosystem, payments are made with <a href="https://www.binance.com/en/price/smooth-love-potion" target="_blank" rel="noopener nofollow">Smooth Love Potion</a> (SLP), an in-game currency based on the Ethereum blockchain. The developers created the <a href="https://bridge.roninchain.com/" target="_blank" rel="noopener nofollow">Ronin platform</a> so that players could buy and sell SLP for regular cryptocurrency conveniently and without paying high fees. It was this platform that caught the cybercriminals' attention.</p>
<h2>An offer that couldn't be refused: How the scammers fooled the developers</h2>
<p>To reach the platform, the attackers mounted <a href="https://www.theblock.co/post/156038/how-a-fake-job-offer-took-down-the-worlds-most-popular-crypto-game" target="_blank" rel="noopener nofollow">a targeted attack</a> on Sky Mavis employees. After gathering information about the company, they devised a plan based on a fake job offer with a very attractive salary.</p>
<p>The plan began with an enticing job offer being sent (most likely via LinkedIn) to a senior engineer who really should not have fallen for this trap. As expected, the employee passed all the "selection stages" with flying colors and received the mouth-watering offer as a PDF file. When the file was downloaded, the spyware inside it was released onto the company network.</p>
<h2>Spyware at work: Withdrawing the funds</h2>
<p>Using the malware, the cybercriminals gained access to the <a href="https://www.kaspersky.com.tr/blog/cryptowallets/4838/" target="_blank" rel="noopener">private keys</a> of the network <a href="https://cryptoadventure.com/what-are-crypto-validators/" target="_blank" rel="noopener nofollow">validators</a>, that is, the nodes that verify and approve cryptocurrency transactions. At the time of the attack, Ronin Networks had nine such validators, and at least five of them had to approve a transaction for it to go through. In the end, the attackers managed to compromise four validators within the company and a fifth one belonging to the decentralized autonomous organization <a href="https://en.wikipedia.org/wiki/Decentralized_autonomous_organization" target="_blank" rel="noopener nofollow">Axie DAO</a>. Were it not for Sky Mavis's negligence, this fifth validator should not have been there at all.</p>
<p>In November 2021 the company had allowed Axie DAO to approve transfers because of high transaction volume and the load on the validators. A month later the load decreased. Axie DAO's help was no longer needed, but its transaction-approval rights were never revoked, which played right into the cybercriminals' hands. The hackers who infiltrated Sky Mavis's system also gained access to Axie DAO, which gave them the fifth validator they needed to move funds from other people's accounts into their own.</p>
<h2>Sky Mavis's response</h2>
<p>Once Sky Mavis discovered the attack, it acted responsibly and took steps to strengthen security. The company brought in security experts from Verichains and CertiK and <a href="https://roninblockchain.substack.com/p/community-alert-ronin-validators?s=w" target="_blank" rel="noopener nofollow">conducted a detailed review of Ronin Networks</a>. Sky Mavis also raised the number of validators to 11 and <a href="https://roninblockchain.substack.com/p/back-to-building-ronin-security-breach?s=w" target="_blank" rel="noopener nofollow">promised</a> to gradually increase it to at least 100. The more validators there are in total, the more of them must be compromised to carry out an unauthorized transaction. So increasing their number should, in theory, make such attacks harder.</p>
<p>Since the stolen funds essentially belonged to <em>Axie Infinity</em> players, Sky Mavis began paying compensation on June 28. For this, the company drew both on its own resources and on the 150 million USD in Binance funding it received in early April.</p>
<h2>Ways to protect yourself</h2>
<p>When planning a targeted attack, cybercriminals carefully study their victims' weak points. These weak points can be security vulnerabilities in devices and software as well as the human factor. The "hero" of our story was an experienced IT professional, yet even he was fooled. To avoid a similar situation and to keep your data, money and tokens safe, stay alert and don't neglect security measures.</p>
<ul>
<li>Don't trust unexpectedly generous offers, whether it's your dream high-paying job, a prize, an inheritance from a distant relative or some other windfall.</li>
<li>Avoid downloading files or clicking links in e-mails and messages from senders you don't know, especially if you are on the office network and the files or links aren't work-related.</li>
<li>Use <strong><a href="https://www.kaspersky.com.tr/internet-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____kismd___" target="_blank" rel="noopener">a reliable security solution</a></strong> that will prevent malware from running on your device.</li>
</ul>