For more than a decade, Russia’s cyber warfare has used Ukraine as Testing lab For its latest hacking technology, it is often first targeted at Ukrainians in deploying a wider approach. Now Google warns of a Russian spy trick that is used to get information from Ukrainians on encrypted platforms signal– Ukrainians and other signal users around the world should protect themselves by making new updates to the app.
Google’s Threat Intelligence Team released Wednesday Report Revealing how multiple hacker groups serving Russian national interests target signals, an end-to-end encrypted messaging tool that has been widely accepted as a standard for private communications and is now frequently used by Ukrainians, including Battlefield spread of the Ukrainian military. Google has given Russia-related groups that provide working names for UNC5792 and UNC4221, which utilizes the signaling function, which allows users to join signal groups by scanning QR codes from their phones. By sending phishing messages to victims, usually the signal itself, both hacker groups deceived these groups in the form of QR codes, rather than hiding JavaScript commands that connect the victim’s phone to the new device – here In this case, the eavesdropper can then read each message sent or received by the target.
“It looks exactly like an invitation from a group, and everything can be like this, unless you scan it, it links the device out,” said Dan Black, a Google Cyberespionage researcher and former NATO analyst. “It immediately brings you The devices are paired with their devices. Now all your messages are in real time and when you receive a threatening actor, you will be delivered to the threatening actor.”
Two months ago, Google started warning Maintaining the signal foundation of a private communication platform Regarding the use of the QR code phishing technology in Russia and signaled last week to complete an update to iOS and Android, which is designed to deal with this trick. New assurance people warn users when linking a new device and checking at random intervals a few hours after adding the device to confirm that they still want to share all messages with it. Signals now also require a form of authentication, such as entering a password or using faceID or TouchID on iOS to add a new linked device.
In fact, Signal’s senior technician Josh Lund said the signal is already working to update the forms of phishing protections involving the functionality of its linked devices. But Google’s report on Russia’s espionage in Ukraine provides a “rapid” example that prompted them to act quickly to protect users, he said.
“We are very grateful for the help of the Google team to make the signal more resilient,” said Lund, who said using cybersecurity terms to trick victims into providing hackers with sensitive information or accessing their systems.
Both Google and Signal stressed that the phishing technology Google uses in Ukraine does not imply that the encryption of the signal is corrupted, or that the application’s messages could otherwise be eavesdropped in transit. Instead, the trick essentially combines two legitimate features: QR-Code group invitation and QR-Code device linking the smartphone to the laptop’s QR-Code device – swapping it with another link to Deceive the user. “Phing is a big problem on the internet, and it’s not good to hear someone get caught in the victims of one of the attacks,” Lund said. “But we are trying to do our best to keep users safe, and we think these recent Improvements really help.”
