Close Menu
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

July 3, 2026

Over 300 UK Firms Hit by Ransomware in a Year

July 3, 2026

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

July 3, 2026
Facebook X (Twitter) Instagram
Friday, July 3
Facebook X (Twitter) Instagram Pinterest Vimeo
Cyberwire Daily
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice
Cyberwire Daily
Home»News»Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
News

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

Team-CWDBy Team-CWDJuly 3, 2026No Comments2 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email


The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in Ukraine, Europe, and the U.S.

The systematic cyber attacks aimed at stealing sensitive information from the victims, the agency added.

“The goal of these ‘hacks’ is to gain access to sensitive military, political, and economic information exchanged by users, as well as to steal their personal data,” the agency warned in a post shared on Telegram.

To pull off the operation, the attackers send SMS messages that masquerade as the messaging platform’s support bot and urge users to disclose their account credentials. 

The SSU noted that these attacks include not only organizations, officials or public figures, but also personal accounts belonging to Ukrainian nationals. It did not attribute the campaign to a specific hacking group.

However, similar attack waves directly aimed at Signal and WhatsApp messaging app users have been attributed to Russian threat activity clusters tracked as Star Blizzard, UNC5792 (aka UAC-0195), and UNC4221 (aka UAC-0185).

To counter the risk posed by such threats, it’s advised to periodically review active messaging app sessions and log out of unknown connections, enable two-factor authentication, refrain from scanning QR codes received from unknown users, not disclose confirmation codes, PIN codes, passwords, and account recovery keys, and click on suspicious links or open files from unknown or dubious chats.

The development comes as the FBI attributed Russian Intelligence Services (RIS) cyber threat actors to an ongoing commercial messaging application (CMA) phishing campaign aimed at high-value targets to deceive them into handing over their backup recovery keys.

Late last month, the Computer Emergency Response Team of Ukraine (CERT-UA) attributed to the Belarus-aligned threat actor known as UNC1151 (aka Ghostwriter and UAC-0057) a spear-phishing campaign that targeted government organizations using compromised accounts to deliver an information stealer called OYSTERBLUES.



Source

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleAlleged Scattered Spider Member Extradited to US
Next Article Over 300 UK Firms Hit by Ransomware in a Year
Team-CWD
  • Website

Related Posts

News

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

July 3, 2026
News

Over 300 UK Firms Hit by Ransomware in a Year

July 3, 2026
News

Alleged Scattered Spider Member Extradited to US

July 2, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views

Why SOC Burnout Can Be Avoided: Practical Steps

November 14, 20259 Views

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

December 1, 20258 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views
Our Picks

Don’t let “back to school” become “back to bullying”

September 11, 2025

What it takes to fool facial recognition

March 14, 2026

Children and chatbots: What parents should know

January 23, 2026

Subscribe to Updates

Get the latest news from cyberwiredaily.com

Facebook X (Twitter) Instagram Pinterest
  • Home
  • Contact
  • Privacy Policy
  • Terms of Use
  • California Consumer Privacy Act (CCPA)
© 2026 All rights reserved.

Type above and press Enter to search. Press Esc to cancel.