Russian Cyber Campaign Targets Signal and WhatsApp Users Through Social Engineering Tactics

 

Hackers believed to be linked to Russia are attempting to gain access to Signal and WhatsApp accounts of government officials, journalists, and military personnel worldwide—not by breaking encryption, but by manipulating users into giving up their access credentials.

This warning was issued on Monday by the Netherlands’ intelligence and military agencies, AIVD and MIVD, which reported a "large-scale" cyber operation focused on compromising accounts on these messaging platforms. Instead of attacking the apps’ end-to-end encryption, the campaign aims to take control of user accounts and discreetly monitor their communications.

According to the agencies, attackers directly contact targets through chats and convince them to share verification codes or PINs, effectively handing over account access. In certain instances, the hackers impersonate a Signal support bot to make their requests appear authentic. Once the code is provided, they can log in and view private messages or track group conversations without bypassing encryption.

Another technique involves exploiting Signal’s “linked devices” feature, which allows multiple devices to connect to one account. If attackers successfully link their own device, they can observe messages in real time. Dutch authorities confirmed that this campaign has already impacted individuals, including those within the Dutch government. "The Russian hackers have likely gained access to sensitive information," the AIVD and MIVD said, adding that "targets and victims of the campaign include Dutch government employees" as well as journalists.

Ironically, the strong encryption that makes these platforms popular among officials and reporters also increases their value as targets once an account is compromised. While end-to-end encryption secures messages during transmission, it offers no protection if an attacker gains direct access to the account.

A Meta spokesperson told The Register that users should never share their six-digit code with others and that the company provides detailed advice on how WhatsApp users can protect themselves from scams.

Signal did not immediately respond to The Register’s inquiries. Meanwhile, Dutch authorities have issued a cybersecurity advisory and are helping affected users secure their accounts. They also highlighted warning signs of a potential breach, such as duplicate contacts appearing or numbers being marked as “deleted account” unexpectedly.

The broader takeaway from intelligence officials is that while encrypted messaging apps are convenient, they are not designed for highly sensitive communication. As MIVD director Vice-Admiral Peter Reesink put it:

"Despite their end-to-end encryption option, messaging apps such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information."

In essence, relying solely on the assumption that no one will request a verification code may not be sufficient for maintaining operational security.

Hackers Hijack WhatsApp Accounts Using ‘GhostPairing’ Scam Without Breaking Encryption

 

Cybersecurity experts have issued a warning after discovering a new method that allows hackers to take over WhatsApp accounts without compromising the app’s end-to-end encryption.

The attack, known as the GhostPairing scam, exploits WhatsApp’s legitimate device-linking feature. By manipulating users into unknowingly connecting their account to a device controlled by cybercriminals, attackers gain live access to private chats, images, videos, and voice messages. Once an account is compromised, hackers can impersonate the victim and message their contacts, enabling the scam to spread further.

The process begins when a target receives a message that appears to be sent by someone they trust. The message includes a link, often claiming to display a photo of the recipient. Clicking the link redirects the user to a fake Facebook login page that asks for their phone number.

Instead of displaying any image, the page triggers WhatsApp’s device-pairing process by showing a code and instructing the victim to enter it into the app. By doing so, the user unknowingly authorises an unfamiliar device to link with their account. This gives attackers full access without the need for passwords or additional verification.

The scam was identified by researchers at cybersecurity company Avast, who say it is particularly dangerous due to its ability to spread rapidly in a chain-like manner.

“This campaign highlights a growing shift in cybercrime: breaching people's trust is as important as breaching their security systems,” Luis Corrons, a Security Evangelist at Avast, told The Independent.

“Scammers are persuading people to approve access themselves by abusing familiar mechanisms like QR codes, pairing prompts, and ‘verify on your phone’ screens that feel routine.

“Scams like GhostPairing turn trust into a tool for abuse. This isn’t just a WhatsApp issue. It’s a warning sign for any platform that relies on fast, low-visibility device pairing.”

In a blog post explaining the scam, Avast cautioned that many victims may not even realise their accounts have been hijacked. WhatsApp users can review connected devices by opening Settings and tapping Linked Devices. Any unfamiliar device should be removed immediately.

“At Avast, we see this as a turning point in how we think about authentication and user intent,” Mr Corrons said.

“As attacks grow more manipulative, security must account not just for what users are doing intentionally, but also what they’re being tricked into doing. GhostPairing shows that when trust becomes automatic, it becomes exploitable.”