{"id":7539,"date":"2020-01-15T14:44:23","date_gmt":"2020-01-15T11:44:23","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=7539"},"modified":"2020-01-15T14:44:23","modified_gmt":"2020-01-15T11:44:23","slug":"faketoken-trojan-sends-offensive-sms","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/faketoken-trojan-sends-offensive-sms\/7539\/","title":{"rendered":"Faketoken Truva At\u0131 sald\u0131rgan metinler g\u00f6nderiyor"},"content":{"rendered":"<p>Vir\u00fcs geli\u015ftiricilerin yarat\u0131c\u0131l\u0131\u011f\u0131 s\u0131n\u0131r tan\u0131m\u0131yor. Baz\u0131 fidye yaz\u0131l\u0131m\u0131 uygulamalar\u0131 <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/rakhni-miner-cryptor\/5079\/\" target=\"_blank\" rel=\"noopener\">art\u0131k madencilik yeteneklerine sahip<\/a>; baz\u0131 bankac\u0131l\u0131k Truva Atlar\u0131 ise kurbanlar\u0131ndan <a href=\"https:\/\/securelist.com\/latest-version-of-svpeng-targets-users-in-us\/63746\/\" target=\"_blank\" rel=\"noopener\">zorla para s\u0131zd\u0131r\u0131yor<\/a>. Faketoken\u2019in ismi kula\u011fa aptalca gelebilir, ancak bu bankac\u0131l\u0131k Truva At\u0131, Android cihazlar i\u00e7in ciddi bir tehdit i\u00e7eriyor.<\/p>\n<h2>Faketoken: SMS h\u0131rs\u0131zl\u0131\u011f\u0131ndan tam te\u015fekk\u00fcll\u00fc bankac\u0131l\u0131\u011fa<\/h2>\n<p>Bankac\u0131l\u0131k Truva At\u0131 Faketoken, bir s\u00fcredir piyasada: <a href=\"https:\/\/securelist.com\/kaspersky-security-bulletin-2014-overall-statistics-for-2014\/68010\/68010\/\" target=\"_blank\" rel=\"noopener\">2014\u2019te en yayg\u0131n g\u00f6r\u00fclen 20 mobil tehdit<\/a> listemize girmi\u015fti. O zamanlar bu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m, masa\u00fcst\u00fc bankac\u0131l\u0131k Truva Atlar\u0131 ile birlikte \u00e7al\u0131\u015f\u0131yordu. Masa\u00fcst\u00fc uygulamas\u0131 kurbanlar\u0131n hesaplar\u0131n\u0131 hackliyor ve para \u00e7ekiyordu; Faketoken ise i\u015flemleri onaylamak i\u00e7in g\u00f6nderilen tek seferlik \u015fifreleri i\u00e7eren k\u0131sa mesajlar\u0131 ele ge\u00e7iriyordu.<\/p>\n<p>2016\u2019ya geldi\u011fimizde Faketoken <a href=\"https:\/\/securelist.com\/the-banker-that-encrypted-files\/76913\/\" target=\"_blank\" rel=\"noopener\">do\u011frudan para \u00e7alan<\/a> tam te\u015fekk\u00fcll\u00fc bir mobil bankac\u0131l\u0131k Truva At\u0131 haline geldi. Kullan\u0131c\u0131lar\u0131n oturum a\u00e7ma verilerini, \u015fifrelerini ve banka kart\u0131 bilgilerini girmelerini sa\u011flamak \u00fczere sahte pencerelerle di\u011fer uygulamalar\u0131n \u00fczerini kaplamaya ba\u015flad\u0131. Ayr\u0131ca vir\u00fcsl\u00fc cihazlar\u0131n ekranlar\u0131n\u0131 engelleyip dosyalar\u0131n\u0131 \u015fifreleyerek fidye yaz\u0131l\u0131m\u0131 olarak da etkili bir \u015fekilde \u00e7al\u0131\u015f\u0131yordu.<\/p>\n<p>2017\u2019ye gelindi\u011finde Faketoken, banka hesap verilerini \u00e7almak \u00fczere mobil bankac\u0131l\u0131k uygulamalar\u0131, Google Pay gibi e-c\u00fczdanlar ve hatta <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/faketoken-trojan-taxi\/3677\/\" target=\"_blank\" rel=\"noopener\">taksi hizmeti uygulamalar\u0131<\/a> ile para cezas\u0131 ve ceza \u00f6deme i\u00e7in kullan\u0131lan uygulamalar gibi bir\u00e7ok uygulamay\u0131 taklit edebilir hale geldi.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"android-malware\">\n<h2>Faketoken i\u00e7in beklenmedik bir d\u00f6n\u00fc\u015f<\/h2>\n<p>K\u0131sa s\u00fcre \u00f6nce, botnet etkinlik izleme sistemimiz Botnet Attack Tracking, Faketoken bula\u015fan 5.000 ak\u0131ll\u0131 telefonun rahats\u0131z edici k\u0131sa mesajlar g\u00f6ndermeye ba\u015flad\u0131\u011f\u0131n\u0131 tespit etti. Bu durum tuhaf g\u00f6r\u00fcn\u00fcyordu.<\/p>\n<p>SMS \u00f6zelli\u011fi, bir\u00e7o\u011fu kurbanlar\u0131n ki\u015filerine g\u00f6nderdi\u011fi indirme ba\u011flant\u0131lar\u0131 arac\u0131l\u0131\u011f\u0131yla yay\u0131lan mobil k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m uygulamalar\u0131 i\u00e7in standart bir ekipmand\u0131r. Buna ek olarak bankac\u0131l\u0131k Truva Atlar\u0131, genellikle onay kodu mesajlar\u0131na m\u00fcdahale edebilmek i\u00e7in varsay\u0131lan SMS uygulamas\u0131 olarak ayarlanmay\u0131 talep eder. Peki ya bankac\u0131l\u0131k k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n toplu bir mesajla\u015fma arac\u0131 haline gelmesi? \u0130\u015fte bunu daha \u00f6nce hi\u00e7 g\u00f6rmemi\u015ftik.<\/p>\n<h2>Yurtd\u0131\u015f\u0131na SMS, hem de masraflar\u0131 size ait<\/h2>\n<p>Faketoken\u2019\u0131n mesajla\u015fma etkinliklerinin \u00fccreti, vir\u00fcs bula\u015fm\u0131\u015f cihaz sahiplerine kesiliyor. Herhangi bir \u015fey g\u00f6ndermeden \u00f6nce, kurbanlar\u0131n banka hesab\u0131nda yeterli para bulunup bulunmad\u0131\u011f\u0131n\u0131 kontrol ediyor. Hesapta nakit oldu\u011fu takdirde k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m, mesajla\u015fmaya devam etmeden \u00f6nce mobil hesaba karttan para y\u00fckl\u00fcyor.<\/p>\n<p>Faketoken bula\u015fm\u0131\u015f ak\u0131ll\u0131 telefonlar\u0131n bir\u00e7o\u011fu yurtd\u0131\u015f\u0131 numaralara mesaj g\u00f6nderiyor; bu y\u00fczden Truva At\u0131n\u0131n g\u00f6nderdi\u011fi mesajlar olduk\u00e7a pahal\u0131ya patl\u0131yor.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"android-malware\">\n<h2>Kendinizi Faketoken\u2019den Koruma Yollar\u0131<\/h2>\n<p>Bu Faketoken sald\u0131r\u0131s\u0131n\u0131n bir defal\u0131k bir kampanya m\u0131 yoksa bir trendin ba\u015flang\u0131c\u0131 m\u0131 oldu\u011funu hen\u00fcz bilmiyoruz. Ancak \u015fimdilik karga\u015fadan ka\u00e7\u0131nmak i\u00e7in:<\/p>\n<ul>\n<li>Yaln\u0131zca Google Play taraf\u0131ndan da\u011f\u0131t\u0131lan uygulamalar\u0131 y\u00fckleyin ve telefonunuzun ayarlar\u0131n\u0131 kullanarak di\u011fer kaynaklardan uygulama indirmeyi devre d\u0131\u015f\u0131 b\u0131rak\u0131n.<\/li>\n<li>Tan\u0131d\u0131\u011f\u0131n\u0131z ki\u015filerden gelse bile, g\u00fcvenli\u011finden emin olmad\u0131\u011f\u0131n\u0131z s\u00fcrece iletilerdeki ba\u011flant\u0131lara t\u0131klamay\u0131n. \u00d6rne\u011fin, normalde sosyal medyada veya anl\u0131k mesajla\u015fma uygulamalar\u0131 arac\u0131l\u0131\u011f\u0131yla sizinle foto\u011fraf payla\u015fan biri, size web ba\u011flant\u0131s\u0131 i\u00e7eren bir metin mesaj\u0131 g\u00f6nderirse bu bir tehlike i\u015faretidir.<\/li>\n<li>G\u00fcvenilir bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc y\u00fckleyin. <a href=\"https:\/\/kas.pr\/kisatr\" target=\"_blank\" rel=\"noopener\">Kaspersky Internet Security for Android<\/a>, Faketoken\u2019in yan\u0131 s\u0131ra di\u011fer bir\u00e7ok mobil k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m uygulamas\u0131n\u0131 alg\u0131lar ve engeller.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Fidye yaz\u0131l\u0131m\u0131 uygulamas\u0131 art\u0131k vir\u00fcsl\u00fc cihazlar\u0131 kullanarak kurban\u0131n paras\u0131yla yurtd\u0131\u015f\u0131na SMS mesajlar\u0131 g\u00f6nderiyor.<\/p>\n","protected":false},"author":2555,"featured_media":7541,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1351],"tags":[105,2089,2090,1322,665,46,537],"class_list":{"0":"post-7539","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-android","9":"tag-bankacilik-truva-atlari","10":"tag-botnetler","11":"tag-faketoken","12":"tag-mobil-cihazlar","13":"tag-sms","14":"tag-tehditler"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/faketoken-trojan-sends-offensive-sms\/7539\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/faketoken-trojan-sends-offensive-sms\/18380\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/faketoken-trojan-sends-offensive-sms\/15254\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/faketoken-trojan-sends-offensive-sms\/7390\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/faketoken-trojan-sends-offensive-sms\/20140\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/faketoken-trojan-sends-offensive-sms\/18441\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/faketoken-trojan-sends-offensive-sms\/16904\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/faketoken-trojan-sends-offensive-sms\/20868\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/faketoken-trojan-sends-offensive-sms\/19660\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/faketoken-trojan-sends-offensive-sms\/26021\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/faketoken-trojan-sends-offensive-sms\/32048\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/faketoken-trojan-sends-offensive-sms\/13597\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/faketoken-trojan-sends-offensive-sms\/13893\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/faketoken-trojan-sends-offensive-sms\/12635\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/faketoken-trojan-sends-offensive-sms\/21878\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/faketoken-trojan-sends-offensive-sms\/10623\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/faketoken-trojan-sends-offensive-sms\/26619\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/faketoken-trojan-sends-offensive-sms\/24818\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/faketoken-trojan-sends-offensive-sms\/20823\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/faketoken-trojan-sends-offensive-sms\/25665\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/faketoken-trojan-sends-offensive-sms\/25496\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/android\/","name":"android"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7539","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2555"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=7539"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7539\/revisions"}],"predecessor-version":[{"id":7542,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7539\/revisions\/7542"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/7541"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=7539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=7539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=7539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}