- Dutch intelligence warns of Russian cyber-espionage efforts
- Hackers target Signal and WhatsApp via social engineering
- Campaign likely already yielded sensitive information
The General Intelligence and Security Service (AIVD), the Netherlands’ primary civilian intelligence and security agency, has warned of a major ongoing cyber-espionage campaign by Russian spies.In a security advisory, AIVD said it had seen Russian state-sponsored hackers engaging in a “large-scale global cyber campaign” targeting dignitaries, military personnel, and civil servants, including Dutch government employees. Other high-value individuals, such as journalists could also be targeted, it was said.
Intel already taken
The strategy is social engineering, and the goal is to gain access to their targets’ Signal and WhatsApp accounts. Instead of looking for software vulnerabilities, the crooks are trying to persuade their victims into sharing security verification- and pincodes. The two most common approaches are either to spoof the Signal Support chatbot, or to try and take advantage of the “linked devices” function.This function lets multiple devices be connected to the same account, allowing the spies to read the conversations without alerting the victims in any way. AIVD believes the campaign is already a success: “The Russian hackers likely gained access to sensitive information through this campaign,” it said, although it did not detail if they accessed it from Dutch targets or someone else entirely.In the advisory, AIVD also says the Russians are most likely interested in Signal and WhatsApp because of their good reputation. “Signal is renowned as a reliable and independent communication channel which offers end-to-end encryption. This makes it an attractive channel for use within governments wishing to protect their internal communication. It also makes it the ideal place for malicious actors to try to capture sensitive information.”That’s why MIVD Director, vice-admiral Peter Reesink, advises against using these tools for classified, confidential, or sensitive information sharing. We would add that it would be wise not to share access to your apps with anyone, especially if you’re in a sensitive position.Via The Register
