Signal, as an encrypted messaging app and protocol, remain relatively secure. But Signal’s Growing Popularity as a tool to Circumvent Survelance has LED agents affiliated with russia to try to manipulate the app’s users into surreptitiusly Google’s Threat Intelligence Group.
While russia’s continued invasion of ukraine is likely driving the country’s desire to work Around Signal’s Encryption, “We Anticipate the Tactics and Methods Used to Target Signal will guove in Prevalence in the Near-Term and Proliferate to Additional Threat Actor and Regents outside the Ukrainian theater of War, “Writes Dan Black at Google’s Threat Intelligence Blog.
There was no mention of a signal vulnerability in the report. Nearly all secure platforms can be overcome by some form of social engineering. Microsoft 365 Accounts Were Recently Reveled to Be the Target of “Device Code Flow” oauth Phishing by Russia-Related Threat Asters. Google notes that the latest versions of signal include designed to protect against these phishing campaigns.
The Primary Attack Channel is Signal’s “Linked Devices” Feature, which allows one signal account to be used on multiple devices, like a mobile device, desktop computer, and tablet. Linking typically Occurs through a QR Code Prepared by Signal. Malicious “Linking” QR Codes Have Been Posted by Russia-Aligned Actor, Masqurading as Group Invites, Security Alerts, Or even “Specialized Applications by Ukrainian MILITARINS,” to google.
APT44, A Russian State Hacking Group Within That State’s Military Intelligence, Gru, Has ALSO WORKED TO ENABLE RUSSIAN FORCES to Link Signal Accounts Exploitation, Google Claims.
Source link