Russian Hackers Target Signal Messenger Accounts
Google‘s Threat Intelligence Group has reported a rise in hacking attempts by Russian state-backed groups targeting Signal messenger accounts. These attacks focus on people important to Russia, such as military personnel, government officials, journalists, and activists.
The threats are linked to Russia’s war in Ukraine, but experts warn that other hackers may soon follow suit. Russia-aligned groups have also targeted WhatsApp and Telegram using similar methods, according to Google’s latest report.
Experts say these attacks show a growing trend of cyber espionage worldwide. Governments and hacking groups are trying to get into secure messaging apps like Signal.
The main way these hackers work is by exploiting Signal’s “linked devices” feature. They create fake QR codes that look real and link a victim’s Signal account to a hacker-controlled device. This lets them read messages in real-time without needing direct access to the phone.
Hackers have sent out fake security alerts, group invitations, or official instructions that include these malicious QR codes. In some cases, they’ve hidden the codes inside fake apps designed to look like software used by Ukraine’s military.
Russian hackers have even used this tactic on the battlefield. The group APT44, linked to Russia’s GRU military intelligence agency, has reportedly linked soldiers’ Signal accounts to Russian-controlled infrastructure.
Signal and Google have strengthened their security measures to stop these phishing attempts. Users are urged to update their apps and be careful of suspicious QR codes or unexpected device-linking requests.
Read More @ kyivindependent.com