{"id":2100,"date":"2016-05-25T04:36:47","date_gmt":"2016-05-25T08:36:47","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=2100"},"modified":"2019-11-15T15:01:15","modified_gmt":"2019-11-15T12:01:15","slug":"invisible-skimmer-at-atm","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/invisible-skimmer-at-atm\/2100\/","title":{"rendered":"Invisible card skimmers at ATMs"},"content":{"rendered":"<p>If you already know about card skimmers at ATMs, fine: you should read this post. If you have no idea what they are, you may want to take a look at <a href=\"https:\/\/www.kaspersky.com\/blog\/skimmers-part-one\/7223\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">this article of ours<\/a> first. You most likely know what you need to do to keep your bank card safe. One of the most important rules is to walk away from an ATM when you see any suspicious extra device, part, or anything else that should not normally be there. But what if there is nothing to see? What if the skimmer is completely invisible?<\/p>\n<p><em>Is such a thing possible?<\/em><\/p>\n<p>I am afraid the answer is yes. 
In fact, that is exactly what the <a href=\"https:\/\/securelist.com\/blog\/research\/74772\/atm-infector\/\" target=\"_blank\" rel=\"noopener noreferrer\">cybercriminals infecting ATMs<\/a>, discovered by our Global Research and Analysis Team (GReAT) together with our Penetration Testing Team, are doing. A Russian-speaking cybercriminal gang is turning ATMs into its own skimmers.<\/p>\n<p><strong>Double chance<\/strong><\/p>\n<p>It seems cybercriminals like the idea of the sharing economy too: why attach an extra skimming device when all the hardware needed to make the ATM work for them is already in the machine itself? All they do is install malware called Skimer on the ATM; they can then reach the ATM's own card reader and PIN pad and, through them, your important bank card data.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Now you know how they do their criminal business on ATMs and will never fall for the trick: <a href=\"https:\/\/t.co\/y58IvQSBQw\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/y58IvQSBQw<\/a> <a href=\"http:\/\/t.co\/Dj8otixjg3\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/Dj8otixjg3<\/a><\/p>\n<p>\u2014 Eugene Kaspersky (@e_kaspersky) <a href=\"https:\/\/twitter.com\/e_kaspersky\/status\/558295295402844160?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">January 22, 2015<\/a><\/p><\/blockquote>\n<p>It does not stop there: once they have infected an ATM, they go a step further and can control the cash dispenser as well as the PIN pad and card reader. 
So they do not just steal the account; with a command sent to the ATM they can also withdraw all the cash in it from outside.<\/p>\n<p>The cybercriminals behind these incidents hide their tracks very carefully. That is in fact why they use a double tactic. If they withdrew all the cash in an ATM at once, it would raise serious suspicion and trigger a much larger investigation. So they prefer to let the virus that has infected the ATM sit there quietly. That is also their second chance: a source from which they can immediately withdraw as much money as they want if something happens in the future.<\/p>\n<p><strong>How the criminals behind the ATM infection operate<\/strong><\/p>\n<p>As we have <a href=\"https:\/\/www.kaspersky.com\/blog\/atm-jackpotting-explained\/11323\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">noted<\/a> before, although ATM security looks very strong physically, most physically armored devices are weak in cyberspace. There are two ways to proceed in such a case. 
Either by gaining physical access to the ATM or by infiltrating the bank's systems.<\/p>\n<p>Once the Skimer virus reaches the core of the system, it gives the criminals full control of the ATM and turns the ATM into a skimmer. The virus then sits quietly on the system until the criminals want to use the ATM.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">7 reasons why it\u2019s oh so easy for bad guys to hack an <a href=\"https:\/\/twitter.com\/hashtag\/ATM?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#ATM<\/a> <a href=\"https:\/\/t.co\/7H7znX1REt\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/7H7znX1REt<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a> <a href=\"https:\/\/t.co\/SPNqm7vXJk\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/SPNqm7vXJk<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/699986331527684096?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">February 17, 2016<\/a><\/p><\/blockquote>\n<p>To wake the virus sitting on the ATM, the criminals insert a specially designed card. 
After the ATM reads this card, the Skimer virus either executes a predefined special command or activates a predefined special menu.<\/p>\n<p>If the criminal enters the correct session key on the PIN pad within 60 seconds after removing the card, the graphical interface of the Skimer virus opens. Through this menu they can run 21 different commands. Some of the commands are:<\/p>\n<ul>\n<li>Dispensing cash (taking 40 banknotes from the selected cassette; e.g. only $100 bills can be withdrawn, so no time is wasted on small denominations)<\/li>\n<li>Collecting the details of inserted cards<\/li>\n<li>Deleting the account itself<\/li>\n<li>Updating (by means of the updated virus placed on the card's chip)<\/li>\n<li>Saving the file containing card and PIN data onto the chip of the same card<\/li>\n<li>Or printing the stolen data as a receipt from the ATM<\/li>\n<\/ul>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/hOcFy02c7x0?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p><strong>How to protect yourself<\/strong><\/p>\n<p>According to the blog post on Securelist, our experts tell banks which files they should look for on their systems. 
Our detailed report on the ATMs was shared with a restricted set of people and organizations (federal police, computer emergency response teams, major financial institutions and Kaspersky Lab threat intelligence customers).<\/p>\n<p>For ordinary people like you and me, infected ATMs are extremely frightening, because we cannot know whether an ordinary ATM in front of us is safe unless it has been scanned with the help of a computer.<\/p>\n<p>Banks generally treat PIN entry as proof that the transactions were made by the cardholder. Arguing with the bank about this usually does not help, and they will not compensate your loss this way.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Criminal business on <a href=\"https:\/\/twitter.com\/hashtag\/ATMs?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#ATMs<\/a>, part 2: <a href=\"https:\/\/t.co\/qCWhTm2ALD\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/qCWhTm2ALD<\/a> <a href=\"http:\/\/t.co\/46zP035BBE\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/46zP035BBE<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/561223684514672640?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">January 30, 2015<\/a><\/p><\/blockquote>\n<p>To sum all this up, you cannot protect your card, your data and your money 100% from an infected ATM, but there are still a few tips for protecting most of your money.<\/p>\n<ol>\n<li>You cannot know whether an ATM is infected, but you can reduce the risk by not using cash machines in suspicious locations. 
The most trustworthy ATMs you can use are the banks' own ATMs, because they are checked frequently by the banks' technical staff.<\/li>\n<li>Check all your card transactions frequently. If your bank offers an SMS notification service, be sure to turn SMS notifications on.<\/li>\n<li>If you come across an account transaction that is not yours, call your bank immediately and have your card blocked. Really, do this as quickly as you can, because the faster you act, the more of your remaining money you can <a href=\"https:\/\/www.kaspersky.com\/blog\/5-lessons-i-learned-from-my-credit-card-hack\/6646\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">save<\/a>.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>If you already know about card skimmers at ATMs, fine: you should read this post. If you have no idea what they are, you may want to take a look at this article of ours first. Most likely, what you need to do to keep your bank card safe<\/p>\n",
"protected":false},"author":421,"featured_media":2101,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1287,1284,1351],"tags":[401,836,415,416,264,837,838,611,839,626,510,145],"class_list":{"0":"post-2100","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-tips","9":"category-threats","10":"tag-atm","11":"tag-atm-guvenligi","12":"tag-byod","13":"tag-data-threat","14":"tag-device-security","15":"tag-finansal-veri","16":"tag-kart-kopyalama-cihazi","17":"tag-kredi-karti","18":"tag-kredi-karti-hirsizligi","19":"tag-para","20":"tag-siber-suclular","21":"tag-virus"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/invisible-skimmer-at-atm\/2100\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/invisible-skimmer-at-atm\/7151\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/invisible-skimmer-at-atm\/7145\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/invisible-skimmer-at-atm\/8339\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/invisible-skimmer-at-atm\/8189\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/invisible-skimmer-at-atm\/11940\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/invisible-skimmer-at-atm\/12121\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/invisible-skimmer-at-atm\/5675\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/invisible-skimmer-at-atm\/6285\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/invisible-skimmer-at-atm\/7698\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/invisible-skimmer-at-atm\/11451\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/invis
ible-skimmer-at-atm\/11940\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/invisible-skimmer-at-atm\/12121\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/invisible-skimmer-at-atm\/12121\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/atm\/","name":"atm"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2100","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/421"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=2100"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2100\/revisions"}],"predecessor-version":[{"id":7197,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2100\/revisions\/7197"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/2101"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=2100"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=2100"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=2100"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}