Russian-linked hackers are trying to break into the Signal and WhatsApp accounts of government officials, journalists, and military personnel globally – not by cracking encryption, but by simply tricking people into handing over the keys.
That’s the warning issued Monday by the Netherlands’ intelligence and military security agencies, the AIVD and MIVD, which say a “large-scale” Russian cyber campaign is actively targeting Signal and WhatsApp accounts. The goal isn’t to defeat the apps’ end-to-end encryption, but to take over the accounts themselves and quietly read whatever conversations are inside.
Read more…
Source: The Register News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Over 80 Cisco Products Affected by FragmentSmack DoS Bug
September 25, 2018
Cisco is currently looking into its product line to determine which products and services use Linux kernel 3.9 or above, which is vulnerable to the FragmentSmack denial-of-service (DoS) bug. The networking hardware manufacturer already assembled a list of more than 80 products that are affected by the vulnerability. Many of them expect a fix by February ...
- macOS Mojave Privacy Bypass Flaw Allows Access to Protected Files
September 24, 2018
A security researcher shows on Mojave’s release day that Apple’s latest privacy protection implementations in macOS are not sufficiently strong. In a minute-long clip, Patrick Wardle shows that the security in the dark-themed macOS can be bypassed to reach sensitive user data, such as the information in the address book. Talking to BleepingComputer, Wardle says that he ...
- Adwind RAT Scurries By AV Software With New DDE Variant
September 24, 2018
A newly-discovered spam campaign is spreading the Adwind 3.0 remote-access tool (RAT) – and using a fresh take on the Dynamic Data Exchange (DDE) code-injection technique for anti-virus evasion. The spam campaign features two types of droppers that leverage a new variant to the already-known DDE code-injection attack on Microsoft Excel – enabling them to bypass ...
- New Virobot malware works as ransomware, keylogger, and botnet
September 21, 2018
A newly discovered malware strain is a multi-tasking threat that besides working as ransomware and encrypting users’ files, it can also log and steal their keystrokes, and add infected computers to a spam-sending botnet. This new threat is named Virobot and appears to be under development, and comprised of multiple components that allow it to work ...
- Major Irish utility networks vulnerable to cyber attacks set to have security increased
September 19, 2018
Our water supplies, electricity and gas grids and phone networks are all vulnerable to cyber-attacks from tech-terrorists and are about to have their security beefed-up. That is because all of our utilities and essential State services are in some way or another reliant on digital technology, which in turn makes them vulnerable to digital attack. Minister Denis ...
- Cybercrime: Ransomware remains a ‘key’ malware threat says Europol
September 18, 2018
Targeted attacks replace spam campaigns, but Europol’s annual cybercrime report also warns that cryptojacking malware “may overtake ransomware as a future threat”. Ransomware remains the top malware threat to organisations, causing millions of dollars of damage and remaining a potent tool for cyber criminals and nation-state attackers. The rise of highly targeted file-locking malware campaigns and the ...