{"id":23335,"date":"2022-05-08T10:36:03","date_gmt":"2022-05-08T07:36:03","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=23335"},"modified":"2022-05-08T10:36:03","modified_gmt":"2022-05-08T07:36:03","slug":"hackerlar-gecersiz-mahkeme-karariyla-kimlik-avi-yapti","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=23335","title":{"rendered":"Hackerlar, Ge\u00e7ersiz Mahkeme Karar\u0131yla Kimlik Av\u0131 Yapt\u0131"},"content":{"rendered":"

Yeni cins bir kimlik av\u0131 doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 prosed\u00fcr\u00fc geli\u015ftiren bilgisayar korsanlar\u0131, a\u011f sayfalar\u0131n\u0131n g\u00fcvenli\u011fi i\u00e7in kullan\u0131lan bir uygulama olan CAPTCHA\u2019y\u0131<\/strong> kullanarak kullan\u0131c\u0131lar\u0131n kimlik bilgilerini \u00e7ald\u0131. Kimlik av\u0131 ak\u0131n\u0131nda sald\u0131rganlar, kurbanlar\u0131n\u0131 tuza\u011fa \u00e7ekmek i\u00e7in bir otorite oldu\u011funu sav ederek \u2018mahkeme karar\u0131\u2019<\/strong> temal\u0131 e-postalar kulland\u0131.<\/p>\n

Bu \u00e7e\u015fit kimlik av\u0131 sistemleri \u00e7ok yayg\u0131n olarak kullan\u0131lmasa da ge\u00e7mi\u015fte birtak\u0131m \u00f6rnekleri mevcut. Bu noktada ge\u00e7ti\u011fimiz y\u0131l\u0131n kas\u0131m ay\u0131nda makus niyetli \u015fah\u0131slar, Birle\u015fik Krall\u0131k Adalet Bakanl\u0131\u011f\u0131\u2019n\u0131n<\/strong> ismini kullanarak kullan\u0131c\u0131lar\u0131n kimlik bilgilerini hedeflemi\u015fti. Benzeri halde yaln\u0131zca birka\u00e7 g\u00fcn evvel Armorblox<\/strong> da \u0130ngiliz mahkemelerinden geldi\u011fi arg\u00fcman edilen d\u00fczmece e-postalar\u0131n nas\u0131l g\u00f6nderildi\u011fini a\u00e7\u0131klam\u0131\u015ft\u0131.<\/p>\n

Sald\u0131rganlar, daha inand\u0131r\u0131c\u0131 olmak i\u00e7in CAPTCHA do\u011frulamas\u0131n\u0131 kulland\u0131:<\/b><\/p>\n

<\/p>\n

Sald\u0131rganlar\u0131n, ola\u011fan g\u00fcvenlik filtrelerinden ve Microsoft taraf\u0131ndan sa\u011flanan e-posta g\u00fcvenlik hizmeti Exchange Online Protection\u2019a (EOP)<\/strong> tak\u0131lmad\u0131klar\u0131ndan emin olmak i\u00e7in e-postalar\u0131 toplu olarak de\u011fil, sadece belli \u015fah\u0131slara g\u00f6nderdi\u011fi s\u00f6yleniyor. Bilmeyenler i\u00e7in EOP, e-posta mesajlar\u0131ndan mak\u00fbs maksatl\u0131 i\u00e7eri\u011fin kald\u0131r\u0131lmas\u0131 ve spam\u2019in filtrelenmesine y\u00f6nelik Microsoft taraf\u0131ndan sunulan bir e-posta g\u00fcvenlik hizmeti<\/strong> olarak biliniyor.<\/p>\n

Ama\u00e7lar\u0131 belirleyip e-postalar\u0131 g\u00f6nderen bilgisayar korsanlar\u0131, mesaj\u0131n daha inand\u0131r\u0131c\u0131 olmas\u0131 i\u00e7inse CAPTCHA\u2019y\u0131<\/strong> kulland\u0131. Armorblox taraf\u0131ndan yay\u0131nlanan bir blog g\u00f6nderisine nazaran CAPTCHA\u2019n\u0131n dahil edilmesi, g\u00fcvenlik teknolojilerinin daha da zorla\u015fmas\u0131na yard\u0131mc\u0131 oluyor.<\/p>\n

G\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131, bilgisayar korsanlar\u0131n\u0131n olu\u015fturdu\u011fu bu CAPTCHA do\u011frulamalar\u0131nda mahkemeye dayal\u0131 bir sayfan\u0131n asla yapmayaca\u011f\u0131 dilbilgisi<\/strong> yanl\u0131\u015flar\u0131n\u0131n<\/strong> oldu\u011funu ve sayfalar\u0131n alan isimlerinin<\/strong> yasal bir kuruma aitmi\u015f \u00fczere g\u00f6r\u00fcnmedi\u011fini s\u00f6yl\u00fcyor. Lakin pek \u00e7ok insan, bu \u00e7e\u015fit k\u00fc\u00e7\u00fck ayr\u0131nt\u0131lara pek fazla dikkat etmiyor.<\/p>\n

<\/p>\n

Kullan\u0131lan kimlik av\u0131 sisteminde, CAPTCHA do\u011frulamalar\u0131n\u0131 ge\u00e7en kullan\u0131c\u0131lara en sonunda kimlik bilgilerini soran bir Microsoft Office 365<\/strong> sayfas\u0131 sunuluyor. Temelinde sald\u0131rgan\u0131n alan ismini ta\u015f\u0131yan ve resmi olmayan bu sayfa, dikkatsiz kullan\u0131c\u0131lar\u0131n kimlik bilgilerini sayfaya girmesiyle bilgileri makus niyetli \u015fah\u0131slara aktar\u0131yor.<\/p>\n

<\/div>\n","protected":false},"excerpt":{"rendered":"

Yeni cins bir kimlik av\u0131 doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 prosed\u00fcr\u00fc geli\u015ftiren bilgisayar korsanlar\u0131, a\u011f sayfalar\u0131n\u0131n g\u00fcvenli\u011fi i\u00e7in kullan\u0131lan bir uygulama olan …<\/p>\n","protected":false},"author":1,"featured_media":23336,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[15],"tags":[2414,4168,1265,1125,2415],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/23335"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=23335"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/23335\/revisions"}],"predecessor-version":[{"id":23337,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/23335\/revisions\/23337"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/23336"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=23335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=23335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=23335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}