Russian government hackers targeting Signal and WhatsApp users
Russian government hackers are targeting Signal and WhatsApp users, particularly government and military officials, as well as journalists all over the world, Dutch intelligence said on Monday.
The Netherlands’ Defence Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) published details about a “large-scale global” hacking campaign against Signal and WhatsApp users. The two agencies accused “Russian state actors” of using phishing and social engineering techniques — rather than malware — to take over accounts on the two messaging apps.
In the case of Signal, the hackers are masquerading as the app’s support team and messaging targets directly with warnings of suspicious activity, “a possible data leak,” or of attempts to access the target’s private data. If the target falls for it, the hackers ask for a verification code sent via SMS — the hackers themselves request this code from Signal — as well as the targets’ PIN code.
The hackers then use the verification and PIN codes to register a new device with a new phone number, impersonate the target, and potentially access their contacts, according to the report. Also, the target gets locked out of their account, but can re-register their number.
In the case of WhatsApp, the hackers are abusing the “Linked devices” function, which allows users to access WhatsApp from a secondary device such as a laptop or a tablet. If the hackers successfully trick their targets, — unlike with Signal — they can potentially read past messages. And sometimes, the victim may not realize that they have granted access to the hackers’ given that they don’t get logged out of their account.
Meta’s spokesperson Zade Alsawah said that WhatsApp suggests users to never share their six-digit code with anyone, and pointed to a Help Center page to help users recognize suspicious messages, and a page about the Linked Devices feature.
Laurens Bos, a spokesperson for the Ministry of Defence declined to provide more details about the campaign.
The Russian embassy in Washington, D.C. did not respond to a request for comment.
TechCrunch
Russian government hackers are targeting Signal and WhatsApp users, particularly government and military officials, as well as journalists all over the world, Dutch intelligence said on Monday.
The Netherlands’ Defence Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) published details about a “large-scale global” hacking campaign against Signal and WhatsApp users. The two agencies accused “Russian state actors” of using phishing and social engineering techniques — rather than malware — to take over accounts on the two messaging apps.
In the case of Signal, the hackers are masquerading as the app’s support team and messaging targets directly with warnings of suspicious activity, “a possible data leak,” or of attempts to access the target’s private data. If the target falls for it, the hackers ask for a verification code sent via SMS — the hackers themselves request this code from Signal — as well as the targets’ PIN code.
The hackers then use the verification and PIN codes to register a new device with a new phone number, impersonate the target, and potentially access their contacts, according to the report. Also, the target gets locked out of their account, but can re-register their number.
In the case of WhatsApp, the hackers are abusing the “Linked devices” function, which allows users to access WhatsApp from a secondary device such as a laptop or a tablet. If the hackers successfully trick their targets, — unlike with Signal — they can potentially read past messages. And sometimes, the victim may not realize that they have granted access to the hackers’ given that they don’t get logged out of their account.
Meta’s spokesperson Zade Alsawah said that WhatsApp suggests users to never share their six-digit code with anyone, and pointed to a Help Center page to help users recognize suspicious messages, and a page about the Linked Devices feature.
Laurens Bos, a spokesperson for the Ministry of Defence declined to provide more details about the campaign.
The Russian embassy in Washington, D.C. did not respond to a request for comment.
TechCrunch
Russian government hackers are targeting Signal and WhatsApp users, particularly government and military officials, as well as journalists all over the world, Dutch intelligence said on Monday.
The Netherlands’ Defence Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) published details about a “large-scale global” hacking campaign against Signal and WhatsApp users. The two agencies accused “Russian state actors” of using phishing and social engineering techniques — rather than malware — to take over accounts on the two messaging apps.
In the case of Signal, the hackers are masquerading as the app’s support team and messaging targets directly with warnings of suspicious activity, “a possible data leak,” or of attempts to access the target’s private data. If the target falls for it, the hackers ask for a verification code sent via SMS — the hackers themselves request this code from Signal — as well as the targets’ PIN code.
The hackers then use the verification and PIN codes to register a new device with a new phone number, impersonate the target, and potentially access their contacts, according to the report. Also, the target gets locked out of their account, but can re-register their number.
In the case of WhatsApp, the hackers are abusing the “Linked devices” function, which allows users to access WhatsApp from a secondary device such as a laptop or a tablet. If the hackers successfully trick their targets, — unlike with Signal — they can potentially read past messages. And sometimes, the victim may not realize that they have granted access to the hackers’ given that they don’t get logged out of their account.
Meta’s spokesperson Zade Alsawah said that WhatsApp suggests users to never share their six-digit code with anyone, and pointed to a Help Center page to help users recognize suspicious messages, and a page about the Linked Devices feature.
Laurens Bos, a spokesperson for the Ministry of Defence declined to provide more details about the campaign.
The Russian embassy in Washington, D.C. did not respond to a request for comment.
TechCrunch
comments
Russian government hackers targeting Signal and WhatsApp users
comments