Russia Signals Pro-Ukrainian QR Code

Tech and Innovation
,
1

Concise Summary:
Google has warned of a new phishing technique used by Russian hackers to steal messages from Ukrainian soldiers using Signal. These attackers are targeting users through fake QR codes that, when scanned, link their devices to malicious servers. The malicious code then intercepts all communication on the victim’s device and delivers it to the attacker. Google alerted the Signal Foundation two months ago about this threat, and Signal has now released updates for iOS and Android that help prevent this attack. The technique highlights the ongoing use of Ukraine as a testing ground for Russian cyberattacks, which are designed to be deployed globally. Users should avoid scanning QR codes from unknown sources, especially those related to messaging apps like Signal.

Key Points:

  • Here are 5 key points from the provided text:.
    • Russian state-linked hackers are using fake QR codes to trick Ukrainians and other Signal users into granting access to their messages.
    • These hackers, identified as UNC5792 and UNC4221, exploit a Signal feature allowing group invites via QR code scanning.
    • The QR codes used in the phishing attack contain malicious JavaScript code that links victims’ devices to a hacker’s server.
    • Google has issued warnings about this technique to both the Signal Foundation and users, urging them to be vigilant against phishing attempts.
    • The stolen data can then be read in real-time by the threat actor who now has access to the victim’s messages.

Archive Links:
12ft: https://12ft.io/https://www.wired.com/story/russia-signal-qr-code-phishing-attack/
archive.org: A Signal Update Fends Off a Phishing Technique Used in Russian Espionage | WIRED
archive.is: https://archive.is/https://www.wired.com/story/russia-signal-qr-code-phishing-attack/
archive.ph: https://archive.ph/https://www.wired.com/story/russia-signal-qr-code-phishing-attack/
archive.today: https://archive.today/https://www.wired.com/story/russia-signal-qr-code-phishing-attack/

Original Link: https://www.wired.com/story/russia-signal-qr-code-phishing-attack/

User Message: Only saw the “not cooperating with Ukraine” thing on shady no-rep site.

Conversely, I’ve seen this:

Which seems pretty pro-Ukraine to me

For more on bypassing paywalls, see the post on bypassing methods