For over ten years, Russia has used Ukraine to refine its cyberwarfare techniques. Recently, Google alerted users to a particular Russian espionage tactic involving the messaging app Signal. The strategy exploits a feature allowing users to join Signal groups via QR codes, which Russian-linked hacker groups have manipulated to conduct phishing attacks. By disguising malicious QR codes as group invites, hackers can pair their devices with victims' phones, enabling them to intercept messages in real time. Google has previously notified the Signal Foundation about these tactics, leading to a recent app update to enhance security.
For more than a decade now, Russian cyberwarfare has used Ukraine as a test lab for its latest hacking techniques, methods that often target Ukrainians first before they're deployed more broadly.
By sending phishing messages to victims, often over Signal itself, both hacker groups have spoofed those group invites in the form of QR codes that instead hide javascript commands that link the victim's phone to a new device.
Collection
[
|
...
]