{"id":13720,"date":"2025-08-28T16:13:07","date_gmt":"2025-08-28T13:13:07","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=13720"},"modified":"2025-08-28T16:13:07","modified_gmt":"2025-08-28T13:13:07","slug":"ledger-vulnerability-phishing-scheme","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/ledger-vulnerability-phishing-scheme\/13720\/","title":{"rendered":"Ledger c\u00fczdan sahiplerini hedef alan kimlik av\u0131 doland\u0131r\u0131c\u0131l\u0131\u011f\u0131"},"content":{"rendered":"

Yak\u0131n zamana kadar doland\u0131r\u0131c\u0131lar, \u00e7o\u011funlukla bireysel kullan\u0131c\u0131lar\u0131n sahip oldu\u011fu kripto para c\u00fczdanlar\u0131n\u0131 hedef alm\u0131\u015ft\u0131. Ancak, i\u015fletmelerin kripto para birimlerini giderek daha fazla kulland\u0131\u011f\u0131 g\u00f6r\u00fcl\u00fcyor ve bu nedenle sald\u0131rganlar art\u0131k kurumsal c\u00fczdanlar\u0131 da el ge\u00e7irmeye \u00e7al\u0131\u015f\u0131yorlar. \u00d6rnekler i\u00e7in uza\u011fa gitmeye gerek yok. Son zamanlarda incelenen ve kurulu\u015flara da\u011f\u0131t\u0131lan Efimer<\/a> k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131, panodaki kripto para c\u00fczdan adreslerini de\u011fi\u015ftirebilmekte. Bu nedenle hem bireysel hem de kurumsal kullan\u0131c\u0131lara y\u00f6nelik kripto para birimi kimlik av\u0131 sald\u0131r\u0131 kampanyalar\u0131 g\u00f6zlemlememiz bizi pek \u015fa\u015f\u0131rtmad\u0131. Ancak \u015fa\u015f\u0131rt\u0131c\u0131 olan, kapak hikayesinin ve doland\u0131r\u0131c\u0131l\u0131\u011f\u0131n genel olarak ne kadar sofistike oldu\u011fuydu.<\/p>\n

Kimlik av\u0131 \u015femas\u0131<\/h2>\n

Bu \u00f6zel plan, \u00f6zellikle Nano X ve Nano S Plus olmak \u00fczere, Ledger donan\u0131m kripto para c\u00fczdanlar\u0131n\u0131n kullan\u0131c\u0131lar\u0131n\u0131 hedefliyor. Doland\u0131r\u0131c\u0131lar, uzun bir \u00f6z\u00fcr metni i\u00e7eren bir kimlik av\u0131 e-postas\u0131 g\u00f6nderiyorlar. E-postada, teknik bir hata nedeniyle kullan\u0131c\u0131lar\u0131n \u00f6zel anahtarlar\u0131n\u0131n bir k\u0131sm\u0131n\u0131n Ledger sunucusuna aktar\u0131ld\u0131\u011f\u0131, verilerin iyi korunmu\u015f ve \u015fifrelenmi\u015f oldu\u011fu, ancak \u201c\u015firket ekibi\u201dnin son derece karma\u015f\u0131k bir veri ihlali tespit etti\u011fi belirtiliyor. Sald\u0131rganlar\u0131n sahte hikayesi, anahtar par\u00e7alar\u0131n\u0131n ele ge\u00e7irildi\u011fini ve ard\u0131ndan son derece geli\u015fmi\u015f y\u00f6ntemler kullan\u0131larak baz\u0131lar\u0131n\u0131n \u015fifrelerinin \u00e7\u00f6z\u00fcl\u00fcp yeniden olu\u015fturuldu\u011funu ve \u201ckripto varl\u0131klar\u0131n \u00e7al\u0131nmas\u0131na yol a\u00e7t\u0131\u011f\u0131n\u0131\u201d iddia ediyor. Ayn\u0131 g\u00fcvenlik a\u00e7\u0131\u011f\u0131 nedeniyle sald\u0131rganlar, kullan\u0131c\u0131lara kripto c\u00fczdanlar\u0131n\u0131n ele ge\u00e7irilmesini \u00f6nlemelerini tavsiye ediyor ve cihazlar\u0131n\u0131n donan\u0131m yaz\u0131l\u0131m\u0131n\u0131 derhal g\u00fcncellemeleri gerekti\u011fini belirtiyorlar.<\/p>\n

\"Cihaz<\/a>

Cihaz yaz\u0131l\u0131m\u0131n\u0131 g\u00fcncellemek i\u00e7in kimlik av\u0131 uyar\u0131s\u0131<\/p><\/div>\n

Bu kesinlikle ilgi \u00e7ekici bir hikaye. Ancak biraz ele\u015ftirel d\u00fc\u015f\u00fcn\u00fcrseniz, birka\u00e7 tutars\u0131zl\u0131k ortaya \u00e7\u0131k\u0131yor. \u00d6rne\u011fin, bir anahtar\u0131n bir par\u00e7as\u0131n\u0131n kullan\u0131larak nas\u0131l b\u00fct\u00fcn anahtar\u0131n yeniden olu\u015fturulabilece\u011fi belirsiz. Bu \u201cgeli\u015fmi\u015f \u015fifre \u00e7\u00f6zme y\u00f6ntemlerinin\u201d ne oldu\u011fu ve Ledger temsilcilerinin bunlar\u0131 nas\u0131l bildi\u011fi de tam olarak anla\u015f\u0131lm\u0131yor.<\/p>\n

E-posta metni son derece \u00f6zenle haz\u0131rlanm\u0131\u015f; ele\u015ftirecek neredeyse hi\u00e7bir \u015fey yok. Bu mesaj, standart doland\u0131r\u0131c\u0131 ara\u00e7lar\u0131n\u0131n yard\u0131m\u0131yla bile g\u00f6nderilmemi\u015f. Bunun yerine sald\u0131rganlar, SendGrid adl\u0131 me\u015fru bir posta hizmetini kullanm\u0131\u015f. Bu, e-postalar\u0131n iyi bir itibara sahip oldu\u011fu ve genellikle kimlik av\u0131 filtrelerini atlatt\u0131\u011f\u0131 anlam\u0131na geliyor. Tek dikkat \u00e7ekici nokta, g\u00f6nderenin alan ad\u0131 ve kullan\u0131c\u0131lar\u0131n donan\u0131m yaz\u0131l\u0131m\u0131 g\u00fcncellemesi i\u00e7in ziyaret etmeleri istenen web sitesinin alan ad\u0131. \u0130kisinin de Ledger ile herhangi bir ba\u011flant\u0131s\u0131 olmad\u0131\u011f\u0131 a\u00e7\u0131k.<\/p>\n

Doland\u0131r\u0131c\u0131lar\u0131n web sitesi<\/h2>\n

Web sitesi de \u00e7ok temiz ve profesyonelce tasarlanm\u0131\u015f. Tabii, bar\u0131nd\u0131r\u0131ld\u0131\u011f\u0131 alan ad\u0131n\u0131n konuyla hi\u00e7bir ilgisi olmad\u0131\u011f\u0131n\u0131 g\u00f6z ard\u0131 ederseniz. Cihaz\u0131n yaz\u0131l\u0131m g\u00fcncellemesi hakk\u0131nda herhangi bir bilgi bulunmamas\u0131 ve e-postada belirtilenden \u00e7ok daha fazla cihaz\u0131n listelenmesi nedeniyle, sitenin birden fazla doland\u0131r\u0131c\u0131l\u0131k amac\u0131yla kullan\u0131l\u0131yor olmas\u0131 m\u00fcmk\u00fcn. Hatta web sitesinde i\u015flevsel bir destek sohbeti bile var! Bu b\u00fcy\u00fck olas\u0131l\u0131kla bir sohbet botu olsa da, sorulara yan\u0131t veriyor ve yararl\u0131 gibi g\u00f6r\u00fcnen tavsiyelerde bulunuyor. Sitenin amac\u0131, cihaz\u0131n\u0131z\u0131 se\u00e7tikten sonra kurtarma ifadesini girmenizi sa\u011flamak.<\/p>\n

\"Kurtarma<\/a>

Kurtarma ifadelelerini girmek i\u00e7in aray\u00fcz<\/p><\/div>\n

Kurtarma ifadesi, kripto para c\u00fczdan\u0131na eri\u015fimi geri kazanmak i\u00e7in kullan\u0131lan rastgele olu\u015fturulmu\u015f bir kelime dizisi ve tahmin edebilece\u011finiz gibi, bunu bilen herkes kripto varl\u0131klar\u0131n\u0131za tam eri\u015fim sa\u011flayabilece\u011finden, bu bilgi girilmemeli.<\/p>\n

Ayr\u0131ca, Google\u2019da benzer siteleri arad\u0131\u011f\u0131n\u0131zda, \u015fa\u015f\u0131rt\u0131c\u0131 say\u0131da benzer sahte sayfa bulacaks\u0131n\u0131z. Bu durum, bu tipteki doland\u0131r\u0131c\u0131l\u0131\u011f\u0131n olduk\u00e7a pop\u00fcler oldu\u011funu g\u00f6steriyor.<\/p>\n

Tehlikeden nas\u0131l uzak durulur?<\/h2>\n

Kripto varl\u0131klar\u0131n\u0131z\u0131 kendi cihazlar\u0131n\u0131zda y\u00f6netiyor veya sadece normal \u00e7evrimi\u00e7i bankac\u0131l\u0131k uygulamalar\u0131n\u0131 kullan\u0131yor olsan\u0131z da sald\u0131rganlar\u0131n kulland\u0131\u011f\u0131 en son taktikler hakk\u0131nda bilgi sahibi olmak \u00e7ok \u00f6nemlidir. \u015eirket \u00e7al\u0131\u015fanlar\u0131 i\u00e7in, modern siber tehditler konusunda fark\u0131ndal\u0131klar\u0131n\u0131 art\u0131rmak amac\u0131yla, \u00f6zel e\u011fitim ara\u00e7lar\u0131 \u00f6neriyoruz. Bunu yapman\u0131n etkili bir yolu, Kaspersky Automated Security Awareness Platform<\/a>\u2018u kullanmakt\u0131r. Ev kullan\u0131c\u0131lar\u0131 i\u00e7in ise blogumuz<\/a>, kimlik av\u0131 doland\u0131r\u0131c\u0131l\u0131klar\u0131n\u0131 nas\u0131l tespit edebilece\u011finizi \u00f6\u011frenmek i\u00e7in harika bir kaynakt\u0131r.<\/p>\n

Ayr\u0131ca, finansal i\u015flemler i\u00e7in kulland\u0131\u011f\u0131n\u0131z ki\u015fisel<\/a> ve \u015firket<\/a> cihazlar\u0131n\u0131za sa\u011flam bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc y\u00fcklemenizi \u00f6neririz. Bu \u00e7\u00f6z\u00fcmler hem kimlik av\u0131 sitelerine eri\u015fimi engelleyebilir hem de veri ihlallerini \u00f6nleyebilir.<\/p>\n\n","protected":false},"excerpt":{"rendered":"

Sald\u0131rganlar, kimlik av\u0131 ile tohum c\u00fcmlelerini ele ge\u00e7irmeye \u00e7al\u0131\u015f\u0131rken, kaybolan \u00f6zel anahtarlarla ilgili dokunakl\u0131 hikayeler uyduruyorlar. <\/p>\n","protected":false},"author":2598,"featured_media":13721,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[1921,2679,2284],"class_list":{"0":"post-13720","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-e-posta","11":"tag-kimlik-avi-belirtileri","12":"tag-kripto-cuzdanlar"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/ledger-vulnerability-phishing-scheme\/13720\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/ledger-vulnerability-phishing-scheme\/28487\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/ledger-vulnerability-phishing-scheme\/40330\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/ledger-vulnerability-phishing-scheme\/23116\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/ledger-vulnerability-phishing-scheme\/32605\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/ledger-vulnerability-phishing-scheme\/29595\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/kimlik-avi-belirtileri\/","name":"kimlik av\u0131 belirtileri"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13720","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2598"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=13720"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13720\/revisions"}],"predecessor-version":[{"id":13723,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/13720\/revisions\/13723"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/13721"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=13720"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=13720"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=13720"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}