messaging apps Archives

AppWizard

February 20, 2025

Russian Groups Target Signal Messenger in Spy Campaign

Multiple Russian threat groups are targeting the Signal Messenger application, focusing on individuals likely to engage in sensitive military and governmental communications during the conflict in Ukraine. Researchers from Google's Threat Intelligence Group have identified these attacks as primarily aimed at individuals of interest to Russian intelligence services. The two main cyber-espionage groups involved are UNC5792 (tracked by Ukraine's CERT as UAC-0195) and UNC4221 (UAC-0185). Their goal is to deceive victims into linking their Signal accounts to devices controlled by the attackers, granting access to incoming messages. UNC5792 uses invitations that resemble legitimate Signal group invites with malicious QR codes, while UNC4221 employs a phishing kit that mimics Ukraine's Kropyva app and includes harmful QR codes on fake sites. Other Russian and Belarusian groups, including Sandworm (APT44) and Turla, are also targeting Signal Messenger in various ways, such as stealing messages from databases or local storage. Additionally, Belarus-linked group UNC1151 uses the Robocopy tool to duplicate Signal messages for future theft. The increased activity against Signal reflects a broader interest in secure messaging apps used by individuals in espionage and intelligence roles. These apps' strong security features make them attractive to at-risk individuals and communities but also high-value targets for adversaries. Russian groups are also targeting Telegram and WhatsApp, with a recent report detailing attacks by the Russian group Star Blizzard on WhatsApp accounts of government officials and diplomats.

AppWizard

February 18, 2025

You Can Now Text Yourself via RCS on Google Messages (and You Should)

Google Messages has introduced a beta feature that allows users to send messages to themselves using RCS (Rich Communication Services), which provides advantages over SMS, such as the ability to send longer texts and high-resolution media without compression. However, RCS messages sent to oneself currently lack encryption. If the feature is active on a device, users can simply text themselves, or they may need to enroll in the Google Messages beta program. Self-messaging offers convenience and the ability to synchronize messages and media across devices, but users concerned about security may consider using encrypted platforms like Signal for sensitive information.

AppWizard

February 18, 2025

‘Loophole’ in law on messaging apps leaves children vulnerable to sexual abuse, says NSPCC

Nearly 39,000 child sex abuse image crimes were documented in the past year, with approximately 38,685 crimes recorded in England and Wales during the 2023/24 period, averaging over 100 incidents per day. Snapchat was identified as the most frequently mentioned app in these cases, accounting for 50% of incidents, followed by Instagram (11%), Facebook (7%), and WhatsApp (6%). The NSPCC and other organizations are advocating for stronger enforcement of the Online Safety Act, citing concerns about a loophole that allows direct messaging services to remove harmful content only if deemed "technically feasible." The NSPCC expressed the need for proactive measures from platforms to prevent becoming "safe havens" for abusers, particularly highlighting risks associated with end-to-end encryption. A 13-year-old victim shared her distressing experience on Snapchat, where she was threatened after sending nude pictures to a stranger. NSPCC chief executive Chris Sherwood called for immediate government action, criticizing separate regulations for private messaging services that allow tech companies to evade responsibility. The Online Safety Act, passed in 2023, mandates social media companies to mitigate illegal and harmful content, but protective measures are still being implemented. Ofcom stated that most services should be capable of removing harmful content, while a government spokesperson reiterated the commitment to combat child sexual exploitation and abuse and to implement the Online Safety Act effectively.

AppWizard

February 16, 2025

Federal workers say they increasingly distrust platforms like Facebook

Federal employees are increasingly concerned about the security of traditional communication platforms and are migrating to encrypted messaging apps like Signal for personal and work-related discussions. This shift is driven by distrust in technology companies, particularly those perceived to have ties with the Trump administration, and fears that user data may be shared with the government. Employees have noted a change in workplace conversation dynamics, becoming more guarded and circumspect. Concerns have also been raised about the potential misuse of personal data, highlighted by past incidents involving companies like Meta. Many federal workers are seeking security tips through forums and adopting measures such as anonymous display names to protect their identities. The federal workforce consists of over 3 million individuals, indicating a significant portion of the U.S. labor market is affected by these privacy and data security concerns.

AppWizard

February 12, 2025

Russia uses messaging apps to recruit terrorists, Ukraine’s police says

Russian intelligence agencies are using digital platforms to recruit Ukrainian citizens for terrorism, targeting vulnerable individuals such as the young, unemployed, and those with antisocial lifestyles. Many recruits face death or imprisonment instead of receiving promised payments. Ukrainian authorities have recorded nine attempted terrorist attacks this year, believed to be orchestrated by Russian intelligence, aiming to destabilize Ukraine and undermine public trust in its security. Telegram is a favored platform for Russian operatives to recruit individuals for disinformation campaigns and cyberattacks. Additionally, a recent espionage initiative recruited Ukrainian teenagers under the guise of “quest games” to gather intelligence for Russian forces. In September, a local individual was arrested for setting up surveillance cameras for Russian intelligence, having been recruited via Telegram with promises of easy money.

AppWizard

February 11, 2025

WhatsApp could be among the first to support Google’s ‘Pixel Besties’ feature

Google is developing a feature called "Pixel Besties" to consolidate conversations from various messaging applications into a single interface. It is expected to debut with the upcoming Pixel QPR update, with WhatsApp likely being the first third-party app to participate. The feature may be part of a dedicated application called "Pixel Relationship," which could include a home screen widget for easy access. Users will be able to curate a list of important contacts, and all interactions with designated "Pixel Besties" will be aggregated in one space. The latest beta version of WhatsApp suggests a central hub for this feature, supported by a new API for communication between apps. Initially, it will integrate data from Google Messages and WhatsApp, with potential future additions from other platforms like Messenger.

AppWizard

February 5, 2025

Ukrainian competitor to Telegram: Bridge messenger with «panic button» and encryption

Discussions about potentially blocking Telegram in Ukraine led to the development of a domestic alternative called Bridge messenger, created by a team of four IT specialists from Lviv. Bridge is designed to compete with messaging apps like Telegram, WhatsApp, and Signal, featuring efficient data compression for low Internet conditions, a recommendation feed, and a user-friendly interface tailored for Ukrainians. Notable features include a panic button for data deletion, end-to-end encryption, temporary accounts for anonymity, and advanced automation for business processes. The project has consumed over 2,000 hours and nearly 0,000 in personal funding. Bridge's concept originated in summer 2024 due to power outages and communication issues, with its beta version launched on October 29, attracting over 5,000 testers. The full release is expected in the second quarter of 2025.

AppWizard

February 4, 2025

Remove These 12 Android Apps Now—They’re Secretly Capturing Your Conversations

Some Android applications are covertly monitoring conversations and collecting personal data without user consent. Cybersecurity firm ESET identified six malicious apps on Google Play and another six on third-party app stores that disguise themselves as legitimate messaging platforms. These apps harvest data such as text messages, call logs, and recorded conversations. Hackers also employ tactics like creating fake romantic connections to persuade victims to download infected apps, such as those containing the VajraSpy Trojan, which records conversations and accesses personal files. Three groups of dangerous apps include: 1. Messaging apps disguised as secure platforms (e.g., Hello Chat, MeetMe, Chit Chat) that steal contact information and SMS messages. 2. Apps exploiting accessibility features (e.g., Wave Chat) that can intercept messages and record phone calls. 3. A fake news app that seeks access to personal data without messaging capabilities. A list of malicious apps includes: Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Chat, Nidus, GlowChat, and Wave Chat. Six of these apps were downloaded over 1,400 times each before being removed from Google Play. To protect privacy, users are advised to uninstall suspicious apps, change passwords, enable two-factor authentication, run security scans, and stay informed about cybersecurity threats.

AppWizard

February 3, 2025

Delete These 12 Android Apps That Are Secretly Recording Your Conversations

Smartphones are essential in daily life but pose risks due to malicious applications that threaten privacy and security. ESET security researchers identified 12 Android apps that covertly record conversations and steal sensitive data, disguised as legitimate messaging platforms. These apps were distributed through a cyberespionage strategy that exploited the Google Play Store. Victims were initially lured through online romance scams, leading them to download apps for "secure communication," which then operated covertly. The malicious apps fall into three categories: 1. Basic Spyware: Apps that offer basic messaging features while secretly gathering personal information, including contacts and location data. 2. Advanced Interception: More sophisticated apps that intercept messages from platforms like WhatsApp and Signal, and can activate the microphone to record calls. 3. The “Innocent” App: Apps that appear benign, such as a news platform, but still request personal information and can access contacts. The 12 identified apps to delete include: Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Cha, Nidus, GlowChat, and Wave Chat. These apps were available on the Google Play Store and collectively had over 1,400 downloads before being removed. The main danger of these applications is their ability to operate silently, compromising user privacy by recording audio, tracking location, and stealing information without user awareness. Users are advised to uninstall these apps immediately and conduct security scans with reputable antivirus software. Caution is recommended when downloading apps, emphasizing the importance of using trusted sources and being skeptical of unsolicited recommendations.

AppWizard

December 24, 2024

Russian authorities reportedly weigh blocking messaging app calls

Russia's Digital Development Ministry and the federal censorship agency Roskomnadzor are considering changes to the regulation of voice calls through messaging apps to address rising fraud. They are evaluating a potential ban on such calls or restrictions on those originating from abroad, as around 40% of calls through these platforms are fraudulent, with 70% traced to foreign numbers. Telecom operators have expressed concerns about their inability to block these calls independently and are seeking collaboration with Roskomnadzor and messaging app developers. Roskomnadzor has the technological means to block calls if apps violate Russian law, but the Digital Development Ministry is not currently drafting regulations to restrict voice traffic on messaging apps and remains open to industry proposals.