Russians are posing as Signal support to launch phishing attacks

Summary

Infosec In Brief Russian intelligence-affiliated parties are posing as customer support services on commercial messaging applications such as Signal to compromise accounts and conduct phishing attacks, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) warned last Friday. The attacks target people with high intelligence value, like former government officials, military figures, politicians, and even journalists [We’re flattered – Ed] have snared thousands of individual accounts, allowing the Russians to read and send messages, and gather info from contact lists. The attackers send messages advising users of "suspicious activity" related to their accounts and urge clicking a link to conduct a verification process. Once victims click, the baddies connect their accounts to the victim's, or completely take over the account if the user is daft enough to submit credentials or a 2FA code. Signal remains a highly secure way to exchange messages, but not even the best end-to-end encryption can stop intruders if users invite them in. The FBI and CISA offer standard anti-phishing recommendations in their brief about the attacks. Uncle Sam seizes four domains used for Iranian psyops The US Department of Justice has seized domains associated with the Iran-linked group behind the cyberattack on med-tech firm Stryker. These websites, the feds say, were used to incite violence and claim credit for disrupting the US med-tech firm's operations. The domains were Justicehomeland[.]org, Handala-Hack.[to], Karmabelow80[.]org and Handala-Redwanted[.]to. The attack in question hit US med-tech firm Stryker through a hole in Microsoft Intune, wiping out information on employees' devices. Iranian hacktivist group Handala, considered to be a front for the nation’s Ministry of Intelligence and Security (MOIS), claimed credit for the Stryker attack on one of the sites, Handala-hack[.]to. Operators of the sites also used them to doxx members of the Israeli Defense Forces (IDF), a...