Indonesian Political, Business & Finance News

Russian "hackers" reported to target Signal and WhatsApp users globally

| Source: ANTARA_ID Translated from Indonesian | Technology
Russian "hackers" reported to target Signal and WhatsApp users globally
Image: ANTARA_ID

Jakarta (ANTARA) — The Dutch Defence Intelligence and Security Service (MIVD) has released a document alleging that hackers or cybercriminals from Russia are targeting users of the digital platforms Signal and WhatsApp globally.

The reported hacking targets specifically government officials and military personnel, as well as journalists worldwide.

According to a TechCrunch report on Monday, 9 March, the hacking operation uses phishing and social engineering techniques to take over user accounts on both instant messaging applications.

If targets are deceived, the hackers will request verification codes sent via SMS. Notably, hackers impersonating administrators claim to request codes and PINs from victims as a prerequisite for Signal to fix “problems”.

The PIN and verification codes are subsequently used to register a new device with a new telephone number, impersonate the victim’s identity, and potentially access the victim’s contacts.

In the document, it is explained that “because Signal stores chat history locally on the mobile phone, victims can access the history again after re-registering. As a result, the victim may assume that nothing is wrong”.

Specifically, Signal does not actually provide direct support through the application if there is an indication of a security breach.

Besides deceiving victims by impersonating app administrators, the hackers are also reported to attempt to deceive victims into scanning QR codes or clicking malicious links.

“For example, the perpetrator can send a QR code or link to the victim to add them to a chat group, but the QR code or link actually connects the perpetrator’s device to the victim’s account,” the report explains.

If hackers successfully deceive a victim, there is potential for them to read previous messages.

In the situation where WhatsApp has been compromised, the victim may not realise that they have given access to hackers because they have not logged out of their account.

Meta spokesperson Zade Alsawah stated that WhatsApp advises users never to share their six-digit code with anyone.

He recommended that users instead access the Help Centre page to recognise suspicious messages, and the page about the Linked Devices feature to ensure which devices are connected to their device.

View JSON | Print