
Signal is one of the most secure and privacy-conscious messaging apps available on the market, but even it is not completely invulnerable. In the past few hours it has emerged that an attack on its authentication service, managed by an external company, compromised approximately 1,900 user accounts. Fortunately, the damage is limited.

The service in question is called Twilio, and the attack was already discovered (and reported) several days ago; to be precise, the news dates back to 8 August. Twilio says that through a social engineering campaign, the hackers were able to access the management console of the customer support service. The campaign was not particularly original: messages sent to current and former employees that appeared to come from the IT department, warning that their password had expired, complete with a fake link to change it. Unfortunately, it is always the same story: it takes only one person "falling for it" to compromise the entire infrastructure.

The good news, as we said at the beginning, is that the hackers came away with very little. Because Signal doesn't keep copies of chat history, contacts or profile info, essentially nothing leaked apart from the phone number. Interestingly, the hackers ran specific searches for three numbers, which suggests that it was a targeted attack.

Signal and Twilio have already started alerting everyone whose telephone number was involved in the attack. Signal will disable app registration on all devices connected to those accounts and force the user to repeat the pairing procedure. It is worth pointing out that Twilio cooperated immediately in the investigation and moved as quickly as possible.
