Technology

82460 readers

3968 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

112

Russia targets Signal and WhatsApp accounts in cyber campaign | AIVD (english.aivd.nl)

submitted 22 hours ago by kingofras@lemmy.world to c/technology@lemmy.world

7 comments fedilink hide all child comments

From the official Dutch Intelligence and Security Service

information.

“Despite their end-to-end encryption option, messaging apps such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information,” states Director of the MIVD, vice-admiral Peter Reesink.

Individual accounts

An interesting aspect of this Russian campaign is that it does not exploit any technical vulnerabilities of the messaging services. The attackers instead make malicious use of legitimate security features of the apps. Director-General of the AIVD Simone Smit states, “It is not the case that Signal or WhatsApp as a whole have been compromised. Individual user accounts are being targeted.”

To increase resilience against this Russian campaign, MIVD and AIVD have published a Cyber Advisory explaining how to identify and respond to attacks. The advisory also give instructions for Signal users on how to identify potentially compromised contacts.

All Signal users can personally check whether there are any potentially compromised contacts in their group chats. If you see any people who appear twice in the list of members (under the same or a slightly different name), this may be evidence of either a compromised account or a new account created by a victim.If you suspect this to be the case, report this to the information security department of your organisation. Together you can try to verify (preferably using a channel other than Signal or WhatsApp, such as an email or a telephone call) whether it is correct that the account in question appears twice in the chat group contact list. Should this not be the case, ask the group administrator to remove both accounts from the group chat, after which the legitimate account holder can request to rejoin the group. Please remain vigilant for group members who are not recognised by the rest of the group. The actor may occasionally change the display name of a compromised account to remain unnoticed in chat groups, for example to names such as 'Deleted account'. If a member’s display name changes, the group will receive a notification. When the change is the legitimate transition to 'Deleted account', no notification is sent. Actor-controlled accounts can also gain entry to the group via an obtained Group Link, of which the group always receives a notification. In all such unauthorised scenarios, ask the group administrator to remove the offending accounts from the chat.If there is any indication that the group administrator themselves may have been compromised, it is advisable to exit the group and create a new one. |

top 7 comments

sorted by: hot top controversial new old

[–] Ek-Hou-Van-Braai@piefed.social 8 points 15 hours ago (1 children)

It was a phishing attack, Signal/WhatsApp wasn't hacked.

[–] Ulrich@feddit.org 1 points 4 hours ago

True but the attackers exploited SMS in order to gain access, which is notoriously insecure. It's a security vulnerability with no benefit.

[+] Sims@lemmy.ml -18 points 19 hours ago (3 children)

Another 'bad bad enemy' propaganda piece. Both comm systems are compromised by US oligarchs and their 3-letter ilk, and are used/promoted as attack surfaces for US propaganda and 'color-revolutions' in nations that don't want to bow down to the US Oligarchy, or let their populations be flooded with Merican "Freedumb" and "Democracy" propaganda that US elite obviously doesn't care about..

Everybody should boycott US sponsored/controlled/based platforms - and stop regurgitating Oligarch/western propaganda about their private 'Enemies'.

[–] kingofras@lemmy.world 11 points 18 hours ago (1 children)

and ghow the weather in kalingkgrad these days comrade?

[–] einkorn@feddit.org 6 points 17 hours ago

*Königsberg

Germany and NATO will start a special operation to come to the aid of the suppressed German minority any day now! /s

[–] yucandu@lemmy.world 8 points 18 hours ago

Does being a Marxist mean being contrarian to every accusation of wrong-doing against a country that America historically doesn't like?

[–] phoenixz@lemmy.ca 4 points 18 hours ago

Yeah, the USA is had and we all know that Putin is our friend who would never do anything to hurt anybody!

Come on dude, don't be THAT naive