The Google Threat Intelligence Group has detected significant activity from Russian state-aligned threat actors attempting to compromise Signal Messenger accounts of key individuals in the context of the ongoing Ukraine crisis. This surge in activity is thought to stem from the need for sensitive information pertaining to government and military communications. A key strategy used involves exploiting the app's 'linked devices' feature through malicious QR codes, enabling perpetrators to link their devices to victims' accounts, allowing for real-time eavesdropping without needing total control of the victim's device.
Google's Threat Intelligence Group warns of increasing Russian state-aligned efforts to compromise Signal Messenger accounts for espionage purposes amid the Ukraine conflict.
The use of malicious QR codes represents a novel technique allowing threat actors to link unauthorized devices to victims' Signal accounts.
Collection
[
|
...
]