"In an announcement on Friday, the government stated that Signal comes with security risks, including social engineering attacks orchestrated by advanced persistent threat (APT) groups. "National-level Computer Security Incident Response Teams (CSIRTs) have identified phishing campaigns conducted by APT groups linked to hostile state agencies," the announcement says. "These attacks target, among others, public figures and government employees.""
"Offering examples of these social engineering campaigns, the government said attackers impersonate Signal support staff and abuse this perceived trust to take over victims' accounts. Attackers trick users into opening malicious links by sending messages designed to create a sense of urgency, such as those supposedly informing them of their account being blocked. Successful attempts can expose victims' phone numbers and, crucially, messages sent between government officials, potentially threatening national security."
"A more detailed advisory cited "recent security incidents" related to Signal as reasons for the change. It didn't specify what these recent attacks were, or even who was behind them, but it can be reasonably assumed that the Polish government was indirectly referencing Russia's phishing attempts against both Signal and WhatsApp, which were revealed in March."
"Dutch intelligence agencies AIVD and MIVD reported a "large-scale" campaign targeting their own government officials, noting that some attacks were successful. "The Russian hackers have likely gained access to sensitive information," the AIVD and MIVD s"
Poland’s government has directed public officials and entities within the National Cybersecurity System to stop using Signal and switch to an encrypted messenger developed by a leading Polish research organization. The government cited security risks tied to social engineering attacks carried out by advanced persistent threat groups. National-level CSIRTs identified phishing campaigns linked to hostile state agencies that target public figures and government employees. Attackers impersonate Signal support staff, use urgency-themed messages such as claims of blocked accounts, and trick users into opening malicious links. Successful attacks can reveal phone numbers and messages exchanged between government officials, creating national security concerns. The government referenced recent security incidents without naming them or attributing responsibility.
Read at theregister
Unable to calculate read time
Collection
[
|
...
]