this post was submitted on 23 Feb 2025
44 points (100.0% liked)

Privacy

10 readers
39 users here now

Protect your privacy in the digital world

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be nice, civil and no bigotry/prejudice.
  2. No tankies/alt-right fascists. The former can be tolerated but the latter are banned.
  3. Stay on topic.
  4. Don't promote proprietary software.
  5. No crypto, blockchain, etc.
  6. No Xitter links. (only allowed when can't fact check any other way, use xcancel)
  7. If in doubt, read rule 1

Related communities:

founded 3 months ago
MODERATORS
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
fxomt@piefed.social
44
Warning over privacy of encrypted messages as Russia targets Signal Messenger (www.computerweekly.com)
submitted 5 days ago* (last edited 5 days ago) by fxomt@lemmy.dbzer0.com to c/privacy@lemmy.dbzer0.com
4 comments fedilink hide all child comments
 

A lot of people seem to be confused so to clear up: They haven't broken encryption. They are phishing using malicious QR codes.

Russia-backed hacking groups have developed techniques to compromise encrypted messaging services, including Signal, WhatsApp and Telegram, placing journalists, politicians and activists of interest to the Russian intelligence service at potential risk.

Google Threat Intelligence Group disclosed today that Russia-backed hackers had stepped up attacks on Signal Messenger accounts to access sensitive government and military communications relating to the war in Ukraine.

Analysts predict it is only a matter of time before Russia starts deploying hacking techniques against non-military Signal users and users of other encrypted messaging services, including WhatsApp and Telegram.

top 4 comments
sorted by: hot top controversial new old
[–] Draconic_NEO@lemmy.dbzer0.com 20 points 5 days ago* (last edited 5 days ago)

This is a Phishing attack, just so we're clear, they haven't broken the encryption. They gain access by tricking you into clicking malicious links or scanning fake QR codes. As long as you stay vigilant you should be fine, make sure to warn other people in your life though who might not be as keen on this though, they can easily be compromised, and if they share conversations with you it can indirectly affect you if they are.

[–] jol@discuss.tchncs.de 12 points 5 days ago

Clearly the solution is giving back doors only to the government.

[–] SARGE@startrek.website 11 points 5 days ago

Before I even read: it's phishing, and it's nothing new. There's no evidence supporting anyone has broken this level of E2EE.

After reading: oh look. Surprise. This is my surprised face.

This just screams of "we want backdoors to be forced into encrypted things so we have even more control"

[–] empireOfLove2@lemmy.dbzer0.com 9 points 5 days ago

Security is only as good as it's weakest link, which is almost always the end user. These attacks do not compromise Signal the protocol (e.g seeing in-flight data), they are focusing on hijacking account information to gain access.