Ukrainian officials targeted via Signal app

Attackers attempted to utilize Signal messaging to infect Ukrainian civil service officials and military personnel, the State Special Communications Service of Ukraine (SSSCIP) has reported.

The targeted cyberattack focuses on Ukrainian civil service officials, military servicemen and defense sector company employees, SSSCIP warned. Interestingly, malicious actors were utilizing Signal to distribute malware.

According to SSSCIP, Signal is commonly used among the Ukrainian military. Security experts have lauded the app for taking extra measures to safeguard user privacy, when compared to other messaging platforms.

The authorities claim that victims receive a message with an archive, a password to access it and a request to open the file on a PC. The malicious message often comes from “a compromised account of a person from the victim's contact list or shared groups may be used to increase the credibility of such messages.”

The archive contains executable files which infect the computer with DarkCrystal RAT (remote access trojan) malware after being launched.

DarkCrystal RAT malware is often used against targets in Ukraine. Last year, a Ukrainian utility company was breached after installing a DarkCrystal-infected pirated version of Microsoft Office.

More from Cybernews:

The kebab you ordered is leaking your data

Kickstarter star leaks over half a million records with clients' data

NYC planning regulations on what kids see on social media feeds

Motorola unveils Edge smartphone with lower price and larger battery

Millions of Cox WiFi routers were sitting ducks for hackers, researcher demonstrates

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked