Threat Intelligence, Application security

CISA: Messaging apps besieged by spyware

Securing messaging apps

Cybernews reports that numerous threat operations were noted by the Cybersecurity and Infrastructure Security Agency to have been targeting high-profile U.S., European, and Middle Eastern users of WhatsApp, Telegram, Signal, and other messaging apps with commercial spyware.

Advanced attack techniques, including phishing, illicit QR codes, zero-click exploits, and messaging app spoofing, have been leveraged by malicious actors to spread spyware and facilitate further malware deployment primarily against current and former government, military, and political officials, as well as individuals belonging to civil society organizations, according to a CISA alert.

Multiple spyware intrusions have been associated with nation-state hackers, with Russian threat groups Turla and Sandworm reported by Google Threat Intelligence Group researchers to have leveraged Signal's "linked devices" functionality to compromise Ukrainian soldiers' communications. Meanwhile, intensified WhatsApp-related spyware attacks, including those involving Israeli spyware vendor Paragon, have prompted a federal ban on WhatsApp usage among members of Congress.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds