Security News > 2022 > April > Ukraine Warns of Cyber attack Aiming to Hack Users' Telegram Messenger Accounts
Ukraine's technical security and intelligence service is warning of a new wave of cyber attacks that are aimed at gaining access to users' Telegram accounts.
"The criminals sent messages with malicious links to the Telegram website in order to gain unauthorized access to the records, including the possibility to transfer a one-time code from SMS," the State Service of Special Communication and Information Protection of Ukraine said in an alert.
The attacks originate with Telegram messages alerting recipients that a login had been detected from a new device located in Russia, urging the users to confirm their accounts by clicking on a link.
The URL, in reality a phishing domain, prompts the victims to enter their phone numbers as well as the one-time passwords sent via SMS that are then used by the threat actors to take over the accounts.
The modus operandi mirrors that of an earlier phishing attack that was disclosed in early March that leveraged compromised inboxes belonging to different Indian entities to send phishing emails to users of Ukr.net to hijack the accounts.
CERT-UA attributed the attack to Armageddon, a Russia-based threat actor with ties to the Federal Security Service that has a history of striking Ukrainian entities since at least 2013.
News URL
https://thehackernews.com/2022/04/ukraine-warns-of-cyber-attack-aiming-to.html
Related news
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- GitHub Action hack likely led to another in cascading supply chain attack (source)