This time, Signal, one of the world’s most used messaging apps and one of the most vigilant and secure in terms of privacy protection, has been targeted by hackers, attacking its authentication service operated by an external company. Let’s find out what it was.
luckily i am Damage was few and limited. But also signalOne of the most used messaging apps in the world and also one of the most focused on security Confidentiality Occurred in the grip of its users Hacker Those who attacked its authentication service, which is operated by an outside US company Twilio.
And succeeded, the attack – announced last August 15 by signal – was partially compromised 1.900 accountConducted through a fake campaign the message Intended for Twilio and Signal staff who need to update password Their account, with a link “Accused”.
The messages appear to be from IT Department of the company and therefore, the first unfortunate person who performed the requested operation, the hackers were able to access Customer service management console Obviously, to conduct specific research Especially 3 users.
Compromises made by hackers: A lot of fear but luckily little damage
So it would seem that a target attackEdited on August 4th, confirmed by Twilio 3 days later and publicly announced on August 15th by Signal, which reported the number. 125 users involvedWith the same company account.
As it turns out, only the data hackers will be able to withhold from compromised accounts Telephone number connected to them, and this is due to the fact that the signal does not keep storage Personal Information Profiles of users, of Introduction or of chronology Chat
So are both companies Intervene immediately All compromised phone numbers and Signal alerted that it was in the process Deactivation of registration in service on all devices connected to it. To return to using the app, users must then repeat the procedure association.
Source: www.hdblog.it
