{"id":2520,"date":"2016-10-12T03:36:29","date_gmt":"2016-10-12T07:36:29","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=2520"},"modified":"2020-02-26T18:39:07","modified_gmt":"2020-02-26T15:39:07","slug":"4-ways-to-hack-atm","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/4-ways-to-hack-atm\/2520\/","title":{"rendered":"ATM hacklemenin 4 yolu"},"content":{"rendered":"<p>Size zaten <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/invisible-skimmer-at-atm\/2100\/\" target=\"_blank\" rel=\"noopener noreferrer\">hacker gruplar\u0131n\u0131n para i\u00e7in ATM\u2019leri hackledi\u011fini<\/a> <a href=\"https:\/\/www.kaspersky.com\/blog\/metel-gcman-carbanak\/11236\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">anlatm\u0131\u015ft\u0131k<\/a>. \u015eimdi ise kendi g\u00f6zlerinizle bunu g\u00f6rebilirsiniz! Uzmanlar\u0131m\u0131z d\u00f6rt tane ATM hackleme demo videosu haz\u0131rlad\u0131. Not: Bu s\u00fcre\u00e7te hi\u00e7bir banka zarar g\u00f6rmemi\u015ftir ve bu metotlardan hi\u00e7birini denemenizi \u00f6nermiyoruz.<\/p>\n<p><strong>Metot 1: Sahte s\u00fcre\u00e7 merkezi<\/strong><br>\nBu y\u00f6ntem i\u00e7in sald\u0131rgan\u0131n a\u011fa ba\u011flanmas\u0131 i\u00e7in i\u00e7in kablo kullanmas\u0131n\u0131 gerektiriyor. Hacker, ATM\u2019yi bankan\u0131n a\u011f\u0131ndan \u00e7\u0131kar\u0131p sahte s\u00fcre\u00e7 merkezine ba\u011fl\u0131yor.<\/p>\n<p>Kutu, nakit \u00e7ekme b\u00f6lgelerini kontrol ediyor ve ATM\u2019ye komutlar yolluyor. Se\u00e7ilen nakit \u00e7ekme b\u00f6lgesinden para talep ediyor. Bu kadar basit: Sald\u0131rgan art\u0131k herhangi bir kart veya herhangi bir PIN kodu kullanabilir ve ayr\u0131ca para transferlerini bir sald\u0131rgan\u0131n yapt\u0131\u011f\u0131 anla\u015f\u0131lm\u0131yor.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/nRbqBLBlLLs?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p><strong>Metot 2: Birden \u00e7ok ATM\u2019ye dolayl\u0131 sald\u0131r\u0131<\/strong><br>\nBu metot hedefteki bankan\u0131n i\u00e7inde \u00e7al\u0131\u015fan birini gerektiriyor. Su\u00e7lu, \u00e7al\u0131\u015fandan ATM g\u00f6vdesini a\u00e7an anahtar\u0131 al\u0131yor. Bu anahtarla su\u00e7lu direkt para alam\u0131yor ancak a\u011f kablosunu bulabiliyor. Hacker, ATM\u2019yi bankan\u0131n a\u011f\u0131ndan \u00e7\u0131kararak \u00f6zel bir ayg\u0131tla t\u00fcm veriyi kendi sunucusuna yolluyor.<\/p>\n<p>ATM\u2019leri birbirine ba\u011flayan a\u011flar genelde g\u00fcvenlik nedenlerinden dolay\u0131 birbirinden ayr\u0131 olur ve ATM\u2019ler kendilerini otomatik yap\u0131land\u0131rm\u0131\u015f olabilirler. Bu durumda baz\u0131 cihazlarla, sadece birine ba\u011fl\u0131 olsa bile birden \u00e7ok ATM\u2019nin verilerine ula\u015f\u0131labilir.<\/p>\n<p>Sald\u0131r\u0131n\u0131n geri kalan k\u0131sm\u0131 metot 1\u2019de anlatt\u0131klar\u0131m\u0131z\u0131n ayn\u0131s\u0131: Sahte bir i\u015flem merkezi sunucuya y\u00fckleniyor, sald\u0131rgan ATM\u2019nin t\u00fcm kontrol\u00fcn\u00fc eline ge\u00e7iriyor. Herhangi bir kart kullanarak modeline ba\u011fl\u0131 olmaks\u0131z\u0131n ATM\u2019den t\u00fcm paray\u0131 \u00e7ekebiliyor. Bu metodu ba\u015far\u0131l\u0131 \u015fekilde uygulayabilmek i\u00e7in ATM\u2019lerin tek ortak noktas\u0131n\u0131n i\u015flem s\u00fcrecine ba\u011flanan ATM\u2019lerin protokollerinin ayn\u0131 olmas\u0131 yetiyor.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/N9DjtYO-coo?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p><strong>Metot 3: Karakutu sald\u0131r\u0131s\u0131 <\/strong><br>\n\u00d6nceden anlatt\u0131\u011f\u0131m\u0131z gibi, sald\u0131rgan ATM ana g\u00f6vdesinin anahtar\u0131n\u0131 al\u0131yor ancak bu sefer makineyi bak\u0131m moduna sokuyor. Daha sonra hacker USB giri\u015fine karakutu tak\u0131yor. Karakutu, sald\u0131rgan\u0131n nakit b\u00f6lgelerini kontrol edebilmesini sa\u011fl\u0131yor.<\/p>\n<p>Sald\u0131rgan ATM ile u\u011fra\u015f\u0131rken, ekranda \u201cBak\u0131m \u201d ya da \u201cKullan\u0131m d\u0131\u015f\u0131\u201d servis mesjalar\u0131 geliyor ancak ATM hala para verebilir durumda oluyor. Dahas\u0131, karakutu ak\u0131ll\u0131 bir telefon ile uzaktan kontrol edilebiliyor. Hacker ekrandaki bir tu\u015fa basarak para al\u0131yor ve karakutuyu delilleri yok ediyor.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/3HYA0MvizpM?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><br>\n<strong><br>\nMetot 4: K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m sald\u0131r\u0131s\u0131<\/strong><br>\nATM\u2019ye k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m y\u00fcklemenin iki yolu var: Porta k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m i\u00e7eren USB takmak ya da makineyi uzaktan bankan\u0131n a\u011f\u0131na girerek hacklemek.<\/p>\n<p>Hedef ATM k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlara kar\u015f\u0131 g\u00fcvende de\u011filse hacker ATM\u2019de k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m \u00e7al\u0131\u015ft\u0131r\u0131p ATM\u2019ye para vermesi y\u00f6n\u00fcnde komut verebilir. Ta ki ATM\u2019nin i\u00e7indeki para bitene kadar.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/XokG7HNVt20?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>Tabiki her ATM hacklenebilir de\u011fildir. Yukar\u0131da anlat\u0131lanlar sadece bir \u015feyler eksik unutulmu\u015fsa olabilir. Bankan\u0131n a\u011f\u0131 g\u00fcvenli olmayabilir, ATM yaz\u0131l\u0131m\u0131 de\u011fi\u015ftirirken onaylama gerekmeyebilir, uygulamalar i\u00e7in beyaz liste olmayabilir ya da a\u011f kablosu kolay eri\u015filebilir bir yerdedir.<\/p>\n<p>Ne yaz\u0131k ki, bu t\u00fcr problemler yayg\u0131n olarak var. \u00d6rne\u011fin,<a href=\"https:\/\/www.kaspersky.com\/blog\/tyupkin-atm-malware\/6246\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\"> Tyupkin Tojan\u2019\u0131<\/a> ile sald\u0131rganlara ATM\u2019lere sald\u0131rma \u015fans\u0131 tan\u0131d\u0131lar. Kaspersky Lab uzmanlar\u0131 bankalara bu t\u00fcr konularda yard\u0131m etmek i\u00e7in daima <a href=\"https:\/\/www.kaspersky.com\/tr\/enterprise-security\/intelligence-services\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">haz\u0131rlar<\/a>: Dan\u0131\u015fmanl\u0131k servislerimizi \u00f6neriyoruz. Ayr\u0131ca bankan\u0131n altyap\u0131s\u0131n\u0131 denetleyebilir ve sald\u0131r\u0131lara kar\u015f\u0131 g\u00fcvenli\u011fini test edebiliriz.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Size zaten hacker gruplar\u0131n\u0131n para i\u00e7in ATM\u2019leri hackledi\u011fini anlatm\u0131\u015ft\u0131k. \u015eimdi ise kendi g\u00f6zlerinizle bunu g\u00f6rebilirsiniz! Uzmanlar\u0131m\u0131z d\u00f6rt tane ATM hackleme demo videosu haz\u0131rlad\u0131. Not: Bu s\u00fcre\u00e7te hi\u00e7bir banka zarar g\u00f6rmemi\u015ftir<\/p>\n","protected":false},"author":696,"featured_media":2521,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1287,1351],"tags":[401,978,545,352,626,58],"class_list":{"0":"post-2520","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-atm","10":"tag-bankalar","11":"tag-hack","12":"tag-kaspersky-lab","13":"tag-para","14":"tag-video"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/4-ways-to-hack-atm\/2520\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/4-ways-to-hack-atm\/5599\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/4-ways-to-hack-atm\/7720\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/4-ways-to-hack-atm\/7725\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/4-ways-to-hack-atm\/7776\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/4-ways-to-hack-atm\/9198\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/4-ways-to-hack-atm\/9056\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/4-ways-to-hack-atm\/13215\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/4-ways-to-hack-atm\/13126\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/4-ways-to-hack-atm\/6598\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/4-ways-to-hack-atm\/5567\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/4-ways-to-hack-atm\/8816\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/4-ways-to-hack-atm\/12724\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/4-ways-to-hack-atm\/13215\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/4-ways-to-hack-atm\/13126\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/4-ways-to-hack-atm\/13126\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/atm\/","name":"atm"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/696"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=2520"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2520\/revisions"}],"predecessor-version":[{"id":7839,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/2520\/revisions\/7839"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/2521"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=2520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=2520"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=2520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}