{"id":5839,"date":"2015-12-04T07:54:20","date_gmt":"2015-12-04T07:54:20","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=5839"},"modified":"2015-12-04T08:03:37","modified_gmt":"2015-12-04T08:03:37","slug":"guvenlik-uzmanlari-modpos-virusune-karsi-uyariyor","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/guvenlik-uzmanlari-modpos-virusune-karsi-uyariyor\/","title":{"rendered":"G\u00fcvenlik Uzmanlar\u0131 ModPOS Vir\u00fcs\u00fcne Kar\u015f\u0131 Uyar\u0131yor"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">Y\u0131lba\u015f\u0131 al\u0131\u015fveri\u015f sezonu tam gaz devam ederken, bir siber g\u00fcvenlik firmas\u0131 sat\u0131\u015f noktas\u0131 (POS) sistemleri kullanan perakendeciler i\u00e7in tehdit olu\u015fturabilecek \u201colduk\u00e7a geli\u015fmi\u015f\u201d bir k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131ma kar\u015f\u0131 uyar\u0131da bulundu. <strong>ModPOS<\/strong> ad\u0131 verilen bu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m asl\u0131nda 2012 y\u0131l\u0131ndan beri ortal\u0131kta ve 2014 y\u0131l\u0131nda \u015firketleri aktif olarak hedef ald\u0131\u011f\u0131 tespit edilmi\u015fti.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Teksas merkezli siber g\u00fcvenlik \u015firketi <strong>iSight Partners<\/strong> bu hafta ba\u015f\u0131nda ModPOS ile ilgili detayl\u0131 bir rapor yay\u0131nlad\u0131 ve \u00e7ok say\u0131da perakendeciyi bu potansiyel tehdit hakk\u0131nda bilgilendirdi. \u015eirket ayr\u0131ca uzmanlar\u0131n\u0131n Perakendeciler Siber \u0130stihbarat Payla\u015f\u0131m Merkezi ile \u00e7al\u0131\u015farak \u00fcyelerinin kendilerini bu k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131ma kar\u015f\u0131 korumalar\u0131na yard\u0131mc\u0131 oluyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">ModPOS hem tespit edilebilmesi g\u00fc\u00e7 bir yaz\u0131l\u0131m hem de \u00e7ok say\u0131da ve belirli bir kesim perakendecinin POS sistemlerini hedef alacak \u015fekilde yap\u0131land\u0131r\u0131labiliyor. iSight ara\u015ft\u0131rmac\u0131lar\u0131, platforma ters m\u00fchendislik uygulad\u0131klar\u0131nda tespit ettikleri baz\u0131 IP adreslerinden yola \u00e7\u0131karak yaz\u0131l\u0131m\u0131n Do\u011fu Avrupa\u2019yla ba\u011flant\u0131lar\u0131 olabilece\u011fini tahmin ediyorlar.<\/span><\/p>\n<p><strong><span style=\"font-size: 14pt;\">Bug\u00fcne kadarki en geli\u015fmi\u015f POS vir\u00fcs\u00fc<\/span><\/strong><\/p>\n<p><span style=\"font-size: 14pt;\">iSight\u2019\u0131n pazarlama m\u00fcd\u00fcr\u00fc Stephen Ward ModPOS\u2019un bug\u00fcne kadar g\u00f6rd\u00fckleri en geli\u015fmi\u015f POS vir\u00fcs\u00fc oldu\u011funu s\u00f6yl\u00fcyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">ModPOS karma\u015f\u0131k ve geli\u015fmi\u015f kod taban\u0131 sayesinde bir\u00e7ok modern g\u00fcvenlik sistemine yakalanmadan cihazlara s\u0131zabiliyor. Mod\u00fcler yap\u0131s\u0131 \u00e7oklu sald\u0131r\u0131lar d\u00fczenlemesini m\u00fcmk\u00fcn k\u0131l\u0131yor. Tu\u015f kaydedici, POS delici ve y\u00fckleyici\/indirici mod\u00fclleri sayesinde de perakendecilerin POS sistemlerine daha \u00f6nce benzeri g\u00f6r\u00fclmemi\u015f sald\u0131r\u0131larda bulunabiliyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Ward ayr\u0131ca ModPOS\u2019un kendine \u00f6zg\u00fc eklentileri ve \u00f6zel fonksiyonlar\u0131 oldu\u011funu s\u00f6yl\u00fcyor. Geli\u015fmi\u015f yap\u0131s\u0131 nedeniyle ters m\u00fchendislik yapmak isteyen g\u00fcvenlik uzmanlar\u0131na zor zamanlar ya\u015fatt\u0131\u011f\u0131n\u0131 da ekliyor.<\/span><\/p>\n<p><strong><span style=\"font-size: 14pt;\">Ak\u0131ll\u0131 Kart sistemleri bile tehlikede<\/span><\/strong><\/p>\n<p><span style=\"font-size: 14pt;\">iSight m\u00fcfetti\u015flerinin haz\u0131rlad\u0131\u011f\u0131 istihbarat raporuna g\u00f6re ModPOS\u2019un kabuk kodu C ile yaz\u0131lm\u0131\u015fa benziyor ve \u00e7ok say\u0131da \u00f6zelli\u011fe sahip. \u00d6rne\u011fin servis enjeksiyonunun yakla\u015f\u0131k 600 fonksiyonu, tipik kabuk kodunun ise sadece 0 ila 5 fonksiyonu var.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">ModPOS\u2019un bir mod\u00fcl\u00fcn\u00fcn POS sistemlerinin belle\u011finden kredi kart\u0131 takip bilgilerini ele ge\u00e7irdi\u011fi g\u00f6r\u00fcld\u00fc. Bu da perakendeci, restoranlar, oteller, sa\u011fl\u0131k merkezleri de dahil olmak \u00fczere POS sistemi kullanan t\u00fcm kurulu\u015flar\u0131n muhtemel hedef oldu\u011funu g\u00f6steriyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">iSight\u2019a g\u00f6re EMV ak\u0131ll\u0131 kart kullan\u0131lan daha geli\u015fmi\u015f POS sistemlerine sahip perakendeciler bile ModPOS\u2019un hedefi olabiliyor. POS sistemi u\u00e7tan uca \u015fifrelemeyi ve bellekteki verilerin \u015fifrelenmesini destekleyecek \u015fekilde yap\u0131land\u0131r\u0131lmam\u0131\u015fsa ModPOS m\u00fc\u015fterilerin kredi kart\u0131 bilgilerine ula\u015fabiliyor. Bu veriler daha sonra kredi kartlar\u0131n\u0131n fiziksel olarak bulunmas\u0131n\u0131n gerekmedi\u011fi online al\u0131\u015fveri\u015f i\u015flemlerinde kullan\u0131labiliyor. Verizon yak\u0131n tarihte yay\u0131nlad\u0131\u011f\u0131 Veri H\u0131rs\u0131zl\u0131\u011f\u0131 Soru\u015fturmalar\u0131 Raporu\u2019nda 61 farkl\u0131 \u00fclkeden perakendecinin 2015 y\u0131l\u0131nda her hafta 800 k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m sald\u0131r\u0131s\u0131na u\u011frad\u0131\u011f\u0131n\u0131 bildirdi. Rapora g\u00f6re giderek daha sofistike bir hal alm\u0131\u015f olan sald\u0131rganlar\u0131n yakla\u015f\u0131k %70\u2019i bir\u00e7ok tekni\u011fin farkl\u0131 kombinasyonlar\u0131n\u0131 kullan\u0131yor.<\/span><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Y\u0131lba\u015f\u0131 al\u0131\u015fveri\u015f sezonu tam gaz devam ederken, bir siber g\u00fcvenlik firmas\u0131 sat\u0131\u015f noktas\u0131 (POS) sistemleri kullanan perakendeciler i\u00e7in tehdit olu\u015fturabilecek \u201colduk\u00e7a geli\u015fmi\u015f\u201d&hellip;<\/p>\n","protected":false},"author":3,"featured_media":5856,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5839","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5839","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5839"}],"version-history":[{"count":4,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5839\/revisions"}],"predecessor-version":[{"id":5857,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5839\/revisions\/5857"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/5856"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5839"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5839"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5839"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}