For more than a decade, the Russian cyber war has already used Ukraine as a experimental laboratory for its latest hacking techniques, which often target Ukrainians before wider deployment. Google now warns of a Russian espionage trick that has been used to obtain Ukrainian messages in the encrypted platform signal – and one that both Ukrainians and other signal users around the world must have a new update to the program. Protect.
The Google Threat Intelligence Team released a report on Wednesday showing how several hacker groups serve the interests of the Russian government, the signal, the encrypted messaging tool ends as a standard for communications Private is accepted and is now often used by Ukrainians, including in the Ukrainian Army Battle Communications. These Russian -related groups, which Google has given UNC5792 and UNC4221, use a signal feature that allow users to join a signal group by scanning QR code from their phone. By sending phishing messages to the victims, often the signal itself, both hacker groups have been invited to invite these groups as QR codes that instead hide the JavaScript commands that link the victim’s phone to a new device. – In this case, one is in the hands of an eavesdropping that can read any message that the purpose is sending or receiving.
“It looks exactly like a group invitation, and everything acts exactly like it, except when you scan it, link the device together. Gives. ” “This will immediately pair your device with them. And all your messages are now delivered to the actor in real time, while receiving them.”
Two months ago, Google began alerting the Signal Foundation that maintains a private communication platform about Russia’s use of QR code phishing techniques, and last week’s update update for iOS and Android to counter this design trick Has been. The new Safeguard warns users when linking the new device and again a few hours after the device is added, reviewing them at a random interval to confirm that they still want to share all messages with it. The signal now also requires authentication such as entering the passage code or using Faceid or Touchid on iOS to add a new relevant device.
In fact, the signal was already trying to update those phishing protection forms specifically to exploit its related device feature before Google alert. But Google’s report on Russian espionage in Ukraine is an example of a “acute” problem that led them to a quick move to protect users.
“We are really grateful to the Google team for resisting this type of social engineering, using the term cyber security for tricks that deceive victims in giving victims sensitive information or access to their systems.” To. ”
Both Google and the signal have emphasized that the Google phishing technique in Ukraine has been seen that the signal encryption has been broken or that the program messages can otherwise be expressed in transit. Instead, this trick essentially combines two legitimate features-the QR Code is invited and links the QR Code device that pairs a smartphone with a laptop-clearly one with the other to deceive Users replace. “Phishing is a big problem on the Internet, and it is never good to hear that someone has been a victim of one of these attacks,” Lund says. “But we are trying to make every effort to keep users safe, and we think these recent progress will really help.”
