Portugal’s secret services (SIS) has sounded the alert today over a global campaign underway, sponsored by ‘a foreign state’, to access the WhatsApp/ Signal accounts of MPs, diplomats and the military in order to obtain ‘sensitive information’.
In a communiqué, SIS explains that “the attackers try to get users of the platforms to share data, like passwords” so that they can access individual and group chats, files “or even launch new phishing campaigns” targeting users’ contacts. (Phishing is ‘the fraudulent practice of sending emails or other messages purporting to be from reputable companies in order to induce individuals to reveal personal information. They can involve sending QR codes – a tactic known as ‘Quishing’).
According to SIS, the targets of these operations are “executive decision-makers in the government, diplomatic, and military sectors, as well as members of civil society with access to privileged information of national and allied origin.”
“This campaign does not mean that WhatsApp or Signal have been compromised, nor that the two platforms are vulnerable,’ SIS stresses: “Attackers are merely exploiting the potentially less cautious use by users who trust the encryption tools of the two applications that have become popular as a secure means of communication.”
To deflect attack, SIS recommends measures such as verifying the authenticity of all interactions with new contacts; not sharing account credentials and verification codes; not allowing unauthorised additions to WhatsApp or Signal chat groups; maximising security and privacy settings; and reporting all suspicious or hostile situations to the unit and cybersecurity.
SIS’ alert does not specify which foreign state is understood to be behind this campaign.
Source: https://sis.sirp.pt/alerta-de-ciberseguranca/
