{"id":11903,"date":"2023-12-11T16:09:05","date_gmt":"2023-12-11T13:09:05","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=11903"},"modified":"2023-12-11T16:13:41","modified_gmt":"2023-12-11T13:13:41","slug":"vulnerability-in-hot-cryptowallets-from-2011-2015","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/vulnerability-in-hot-cryptowallets-from-2011-2015\/11903\/","title":{"rendered":"Randstorm: 2010’lardan kalma savunmas\u0131z kripto c\u00fczdanlar\u0131"},"content":{"rendered":"

Ara\u015ft\u0131rmac\u0131lar BitcoinJS k\u00fct\u00fcphanesinde, on y\u0131l \u00f6nce \u00e7evrimi\u00e7i olarak olu\u015fturulan Bitcoin c\u00fczdanlar\u0131n\u0131 ele ge\u00e7irilmeye a\u00e7\u0131k hale getirebilecek \u00e7e\u015fitli g\u00fcvenlik a\u00e7\u0131klar\u0131 ke\u015ffetti. Temel sorun, bu kripto c\u00fczdanlar\u0131n\u0131n \u00f6zel anahtarlar\u0131n\u0131n k\u00fct\u00fcphane geli\u015ftiricilerinin bekledi\u011finden \u00e7ok daha y\u00fcksek bir \u00f6ng\u00f6r\u00fclebilirlikle \u00fcretilmi\u015f olmas\u0131yd\u0131.<\/p>\n

Randstorm g\u00fcvenlik a\u00e7\u0131klar\u0131 ve sonu\u00e7lar\u0131<\/h2>\n

Meseleyi en ba\u015ftan ele alal\u0131m. Kripto c\u00fczdan eri\u015fimi kurtarma konusunda uzmanla\u015fm\u0131\u015f bir \u015firket olan Unciphered\u2019deki ara\u015ft\u0131rmac\u0131lar, bir\u00e7ok \u00e7evrimi\u00e7i kripto para birimi platformu taraf\u0131ndan kullan\u0131lan BitcoinJS JavaScript k\u00fct\u00fcphanesinde bir dizi g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ke\u015ffetti ve a\u00e7\u0131klad\u0131<\/a>. Bu hizmetler aras\u0131nda \u00e7ok pop\u00fcler olanlar ve \u00f6zellikle de art\u0131k Blockchain.com olarak bilinen Blockchain.info da bulunuyor. Bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 k\u00fcmesine ara\u015ft\u0131rmac\u0131lar taraf\u0131ndan Randstorm ad\u0131 verildi.<\/p>\n

BitcoinJS k\u00fct\u00fcphanesindeki g\u00fcvenlik a\u00e7\u0131klar\u0131 2014 y\u0131l\u0131nda giderilmi\u015f olsa da, sorun bu k\u00fct\u00fcphanenin kullan\u0131m\u0131n\u0131n sonu\u00e7lar\u0131n\u0131 da kaps\u0131yor: 2010\u2019lar\u0131n ba\u015f\u0131nda BitcoinJS ile olu\u015fturulan t\u00fcm kripto c\u00fczdanlar\u0131 g\u00fcvensiz olabilir \u00e7\u00fcnk\u00fc \u00f6zel anahtarlar\u0131n\u0131 bulmak, altta yatan Bitcoin kriptografisinin varsayd\u0131\u011f\u0131ndan \u00e7ok daha kolay.<\/p>\n

Ara\u015ft\u0131rmac\u0131lar, toplamda yakla\u015f\u0131k 1,4 milyon BTC\u2019ye tekab\u00fcl eden birka\u00e7 milyon c\u00fczdan\u0131n Randstorm nedeniyle potansiyel olarak risk alt\u0131nda oldu\u011funu tahmin ediyor. Ara\u015ft\u0131rmac\u0131lara g\u00f6re, potansiyel<\/em> olarak savunmas\u0131z c\u00fczdanlar\u0131n %3 ila %5\u2019i ger\u00e7ek sald\u0131r\u0131lara kar\u015f\u0131 savunmas\u0131z durumda<\/em>. Yay\u0131n\u0131n\u00a0 yap\u0131ld\u0131\u011f\u0131 tarihte yakla\u015f\u0131k 36.500 $ olan Bitcoin kuruna g\u00f6re bu, Randstorm\u2019dan ba\u015far\u0131yla yararlanabilen sald\u0131rganlar i\u00e7in toplam 1,5 ila 2,5 milyar $\u2019l\u0131k bir ganimet anlam\u0131na geliyor.<\/p>\n

Ara\u015ft\u0131rmac\u0131lar, Randstorm g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n ger\u00e7ekten de kripto c\u00fczdanlar\u0131na y\u00f6nelik ger\u00e7ek d\u00fcnya sald\u0131r\u0131lar\u0131 i\u00e7in kullan\u0131labilece\u011fini iddia ediyor. Dahas\u0131, Mart 2012\u2019den \u00f6nce Blockchain.info\u2019da olu\u015fturulan birka\u00e7 kripto c\u00fczdan\u0131na eri\u015fimi yeniden sa\u011flamak i\u00e7in bu g\u00fcvenlik a\u00e7\u0131klar\u0131ndan ba\u015far\u0131yla yararland\u0131lar. Etik nedenlerden \u00f6t\u00fcr\u00fc, on binlerce kripto c\u00fczdan\u0131n\u0131 do\u011frudan h\u0131rs\u0131zl\u0131k riskine maruz b\u0131rakaca\u011f\u0131ndan sald\u0131r\u0131 i\u00e7in kavram kan\u0131tlama yay\u0131nlamad\u0131lar.<\/p>\n

Ara\u015ft\u0131rmac\u0131lar, BitcoinJS k\u00fct\u00fcphanesinin g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulunan s\u00fcr\u00fcmlerini kulland\u0131\u011f\u0131 bilinen \u00e7evrimi\u00e7i kripto para hizmetleriyle \u00e7oktan ileti\u015fime ge\u00e7ti. Bu hizmetler de Randstorm\u2019dan potansiyel olarak etkilenebilecek m\u00fc\u015fterileri bilgilendirdi.<\/p>\n

Randstorm g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n do\u011fas\u0131<\/h2>\n

\u015eimdi bu g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n ger\u00e7ekte nas\u0131l \u00e7al\u0131\u015ft\u0131\u011f\u0131na daha ayr\u0131nt\u0131l\u0131 olarak bakal\u0131m. Bitcoin c\u00fczdan g\u00fcvenli\u011finin temelinde \u00f6zel anahtar vard\u0131r. Her modern kriptografik sistem gibi Bitcoin de bu anahtar\u0131n gizli ve k\u0131r\u0131lamaz olmas\u0131na dayan\u0131r. Yine, her modern kriptografik sistemde oldu\u011fu gibi, bu da \u00e7ok uzun rastgele say\u0131lar\u0131n kullan\u0131lmas\u0131n\u0131 gerektirir.<\/p>\n

Ve \u00f6zel anahtar taraf\u0131ndan korunan herhangi bir verinin g\u00fcvenli\u011fi i\u00e7in, bu say\u0131lar\u0131n olabildi\u011fince rastgele olmas\u0131 gerekir. Anahtar olarak kullan\u0131lan say\u0131 y\u00fcksek tahmin edilebilirli\u011fe sahip olursa, anahtar olu\u015fturma prosed\u00fcr\u00fc hakk\u0131nda bilgi sahibi olan bir sald\u0131rgan\u0131n bu say\u0131y\u0131 deneme yan\u0131lma y\u00f6ntemiyle elde etmesi daha kolay ve h\u0131zl\u0131 olur.<\/p>\n

Rastgele bir say\u0131 \u00fcretmenin asl\u0131nda<\/em> o kadar da kolay<\/a> olmad\u0131\u011f\u0131n\u0131 unutmay\u0131n. Ayr\u0131ca bilgisayarlar do\u011falar\u0131 gere\u011fi bu g\u00f6rev i\u00e7in son derece elveri\u015fsizdir \u00e7\u00fcnk\u00fc \u00e7ok \u00f6ng\u00f6r\u00fclebilirdirler. Bu nedenle, genellikle sahip oldu\u011fumuz \u015fey s\u00f6zde rastgele<\/em> say\u0131lard\u0131r ve \u00fcretimin entropisini<\/em> (kriptograf dilinde \u00f6ng\u00f6r\u00fclemezlik \u00f6l\u00e7\u00fcs\u00fc) art\u0131rmak i\u00e7in \u00f6zel i\u015flevlere g\u00fcveniriz.<\/p>\n

\u015eimdi BitcoinJS k\u00fct\u00fcphanesine geri d\u00f6nelim. \u201cY\u00fcksek kaliteli\u201d s\u00f6zde rastgele say\u0131lar elde etmek i\u00e7in bu k\u00fct\u00fcphane JSBN (JavaScript Big Number) adl\u0131 ba\u015fka bir JavaScript k\u00fct\u00fcphanesini, \u00f6zellikle de SecureRandom<\/em> i\u015flevini kullan\u0131yor. Ad\u0131ndan da anla\u015f\u0131laca\u011f\u0131 gibi, bu i\u015flev kriptografide kullan\u0131lmaya uygun s\u00f6zde rastgele say\u0131lar \u00fcretmek i\u00e7in tasarlanm\u0131\u015ft\u0131r. Entropilerini art\u0131rmak i\u00e7in SecureRandom<\/em>, window.crypto.random<\/em> taray\u0131c\u0131 i\u015flevine g\u00fcvenir.<\/p>\n

Sorun da zaten burada yat\u0131yor: window.crypto.random<\/em> i\u015flevi Netscape Navigator 4.x taray\u0131c\u0131 ailesinde mevcut olsa da, web hizmetleri BitcoinJS k\u00fct\u00fcphanesini aktif olarak kullanmaya ba\u015flad\u0131\u011f\u0131nda bu taray\u0131c\u0131lar \u00e7oktan kullan\u0131lmaz hale gelmi\u015fti bile. Ve o g\u00fcnlerin pop\u00fcler taray\u0131c\u0131lar\u0131nda )(Internet Explorer, Google Chrome, Mozilla Firefox ve Apple Safari)window.crypto.random <\/em>i\u015flevi basit\u00e7e uygulanm\u0131yordu.<\/p>\n

Ne yaz\u0131k ki, JSBN k\u00fct\u00fcphanesinin geli\u015ftiricileri herhangi bir kontrol veya ilgili hata mesaj\u0131 i\u00e7in haz\u0131rl\u0131k yapmam\u0131\u015ft\u0131. Bunun neticesinde, SecureRandom<\/em> i\u015flevi entropi art\u0131rma ad\u0131m\u0131n\u0131 sessizce ge\u00e7erek \u00f6zel anahtar olu\u015fturma g\u00f6revini standart s\u00f6zde rastgele say\u0131 \u00fcreteci Math.random<\/em>\u2018a devretti.<\/p>\n

Bu durumun kendisi zaten \u00e7ok vahimdir \u00e7\u00fcnk\u00fc Math.random<\/em> kriptografik ama\u00e7lar i\u00e7in uygun de\u011fildir<\/a>. Ancak ba\u015fta Google Chrome<\/a> olmak \u00fczere 2011-2015 y\u0131llar\u0131n\u0131n pop\u00fcler taray\u0131c\u0131lar\u0131ndaki Math.random<\/em> uygulamas\u0131n\u0131n, olmas\u0131 gerekenden daha az rastgele say\u0131 elde edilmesine neden olan hatalar i\u00e7ermesi durumu daha da karma\u015f\u0131k hale getirmektedir.<\/p>\n

B\u00f6ylece, BitcoinJS k\u00fct\u00fcphanesi yukar\u0131da bahsedilen t\u00fcm sorunlar\u0131 JSBN\u2019den devralm\u0131\u015f oldu. Sonu\u00e7 olarak, kripto c\u00fczdanlar\u0131 i\u00e7in \u00f6zel anahtarlar \u00fcretmek i\u00e7in kullanan platformlar, SecureRandom i\u015flevi sayesinde k\u00fct\u00fcphane geli\u015ftiricilerinin bekledi\u011finden \u00e7ok daha az rastgele say\u0131 elde etti. Ve bu anahtarlar b\u00fcy\u00fck bir \u00f6ng\u00f6r\u00fclebilirlikle \u00fcretildi\u011finden, deneme yan\u0131lma ile k\u0131r\u0131lmalar\u0131 \u00e7ok daha kolayd\u0131r ve savunmas\u0131z kripto c\u00fczdanlar\u0131n\u0131n ele ge\u00e7irilmesine olanak tan\u0131r.<\/p>\n

Yukar\u0131da belirtildi\u011fi gibi, bu teorik bir tehlike de\u011fil, olduk\u00e7a pratik bir tehlikedir. Unciphered ekibi, Blockchain.info\u2019da olu\u015fturulan birka\u00e7 eski kripto c\u00fczdan\u0131na eri\u015fimi geri almak (ba\u015fka bir deyi\u015fle, etik olarak hacklemek) i\u00e7in bu g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararlanmay\u0131 ba\u015fard\u0131.<\/p>\n

Randstorm riski alt\u0131nda olanlar<\/h2>\n

BitcoinJS, 2011\u2019deki tan\u0131t\u0131m\u0131ndan 2014\u2019e kadar savunmas\u0131z JSBN k\u00fct\u00fcphanesini kullanm\u0131\u015ft\u0131r. Bununla birlikte, baz\u0131 kripto para projelerinin bir s\u00fcredir k\u00fct\u00fcphanenin en son s\u00fcr\u00fcm\u00fcnden daha d\u00fc\u015f\u00fck s\u00fcr\u00fcmlerini kullan\u0131yor olabilece\u011fini de unutmay\u0131n. Pop\u00fcler taray\u0131c\u0131larda Math.random\u2019u etkileyen hatalara gelince, 2016 y\u0131l\u0131na kadar s\u00f6zde rastgele say\u0131 \u00fcretme algoritmalar\u0131 de\u011fi\u015ftirilerek d\u00fczeltildi. Bunlar bir araya getirildi\u011finde, potansiyel olarak savunmas\u0131z kripto c\u00fczdanlar\u0131n\u0131n olu\u015fturuldu\u011fu zaman diliminin yakla\u015f\u0131k 2011-2015 oldu\u011fu ortaya \u00e7\u0131k\u0131yor.<\/p>\n

Ara\u015ft\u0131rmac\u0131lar, BitcoinJS\u2019nin 2010\u2019lar\u0131n ba\u015f\u0131nda \u00e7ok pop\u00fcler oldu\u011funu, bu nedenle savunmas\u0131z bir s\u00fcr\u00fcm\u00fc kullanm\u0131\u015f olabilecek hizmetlerin tam bir listesini derlemenin zor oldu\u011funu vurguluyor. Haz\u0131rlad\u0131klar\u0131 raporda, risk alt\u0131nda oldu\u011funu tespit ettikleri platformlar\u0131n bir listesi yer al\u0131yor:<\/p>\n