For more than a decade, Russian cyberfarfare has used Ukraine as one Test laboratory For their latest hacking techniques, methods often target Ukrainians before they are wider. Now Google is warning about a Russian spy trick that has been used to get the Ukrainian message on the encrypted platform. SignalOne of the people that both Ukrainians and other signals around the world should protect themselves with a new update for the application.
Google's threat of intelligence on Wednesday published one report Revealing how many groups of hackers serving the interests of the Russian state are targeting the signal, the messaging tool encoded from the beginning to the end has been widely accepted as a standard for the private media and is currently available. Used by Ukrainians, including in Ukrainian army's battlefield media. The associated groups with Russia, which Google has given the name UNC5792 and UNC4221, are taking advantage of the signal feature that allows users to join the signal group by scanning the QR code from their phone. By sending scam message to the victims, often exceeding the signal, both hackers fake those invitations in the form of QR code instead of hidden JavaScript commands linking the victim's phone with one with one with one with one. The new device in this case, one of the hands of an eavesdropping can then read any message that the goal is sent or received.
This looks like a group invitation and everything will work exactly like that, except when you scan it, it links the device out, Dan Black, a researcher of Google Cyberspionage and former NATO analyst. . Immediately combine your device with their. And all your messages now, in real time, are sent to actors threatening while you receive them.
Two months ago, Google started warning The signal platform maintains the media platform Regarding Russia's use of QR code scam techniques and the signal last week have completed the introduction of an update for iOS and Android designed to combat this trick. Safe to warn users when they link a new device and check them again for a random period of time a few hours after the device is added to confirm that they still want to share all Messages with it. The signal now also requires a authentic form such as importing code or using FaceID or TouchID on iOS to add a new linked device.
In fact, the signal has worked to update these forms of fraudulent protection in order to exploit its link feature before Google's warning, Josh Lund of the signal, Josh Lund said. But Google's report on Russian spies in Ukraine provided an acute example of Muslims on the issue of promoting them to move quickly to protect users, he said.
Lund we are really grateful to the Google group for their help in making the signal more resilient with this type of social technique.
Both Google and the signal emphasize that Google scam techniques have been used in Ukraine, the encryption of the broken signal or the application's messages can be eavesdropping during transportation. Instead, the basic trick combines two legal features of the QR-C-Code Group and the QR code device that combines a smartphone with a laptop that can exchange this with this Users to deceive. Phishing is a big problem on the Internet and it is great to know that someone has become a victim of one of these attacks, Lund said. However, we are trying to do our best to keep users safe and we think that recent improvements will be really helpful.