Russia-aligned hackers are targeting Signal users with device-linking QR codes
1 min read
Summary
According to reports from Google’s Threat Intelligence Group, Russian agents are attempting to manipulate users of the encrypted messaging app Signal into linking their devices in order to circumvent surveillance.
The continued invasion of Ukraine is thought to be driving Russia’s desire to find a way round Signal’s encryption.
To achieve this, hackers are using a technique known as social engineering, which involves the use of malicious ‘linking’ QR codes, posted by Russia-aligned actors, posing as group invites, security alerts, or Ukrainian military applications.
Furthermore, it is claimed that Russian state hacking group Apt44, within Russia’s military intelligence (GRU), has been working to help Russian invasion forces link Signal accounts to devices confiscated on the battlefield for future exploitation.
