The encrypted messaging app Signal has stopped responding to requests from Ukrainian law enforcement regarding Russian cyberthreats, a Ukrainian official claimed, warning that the shift is aiding Moscow’s intelligence efforts.
Russia was caught running a bunch of side channel and phishing attacks using malicious QR codes. Presumably signal could help track these patterns in terms of time and place, to help isolate where espionage activity was occuring.
Malicious QR codes were used to establish a separate device as a ‘linked device’ which would allow the attacker to receive and read Signal messages sent to and from the target
Russia was caught running a bunch of side channel and phishing attacks using malicious QR codes. Presumably signal could help track these patterns in terms of time and place, to help isolate where espionage activity was occuring.
Except Signal should not have that data. They claim they do not log that information, so it should be impossible for them to do that.
Unless signal is lying, that’s not something they can do.
Malicious QR codes were used to establish a separate device as a ‘linked device’ which would allow the attacker to receive and read Signal messages sent to and from the target
This tracks. Signal claims to have your phone number and logs on the last time that number accessed the service.
They could not generate new access codes via Twilio when certain patterns are detected and still be within that known data.