惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
Microsoft Security Blog
Microsoft Security Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
V
Visual Studio Blog
宝玉的分享
宝玉的分享
IT之家
IT之家
人人都是产品经理
人人都是产品经理
T
The Blog of Author Tim Ferriss
I
InfoQ
B
Blog RSS Feed
T
Threatpost
博客园_首页
M
MIT News - Artificial intelligence
Spread Privacy
Spread Privacy
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Know Your Adversary
Know Your Adversary
U
Unit 42
Engineering at Meta
Engineering at Meta
C
Cyber Attacks, Cyber Crime and Cyber Security
月光博客
月光博客
Scott Helme
Scott Helme
T
Tor Project blog
有赞技术团队
有赞技术团队
AWS News Blog
AWS News Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Last Week in AI
Last Week in AI
S
Schneier on Security
Vercel News
Vercel News
博客园 - Franky
C
Cybersecurity and Infrastructure Security Agency CISA
L
LINUX DO - 热门话题
NISL@THU
NISL@THU
L
LangChain Blog
爱范儿
爱范儿
Google DeepMind News
Google DeepMind News
The GitHub Blog
The GitHub Blog
雷峰网
雷峰网
Latest news
Latest news
C
CXSECURITY Database RSS Feed - CXSecurity.com
Hugging Face - Blog
Hugging Face - Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
www.infosecurity-magazine.com
www.infosecurity-magazine.com
G
GRAHAM CLULEY
S
Security Affairs
A
About on SuperTechFans
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
大猫的无限游戏
大猫的无限游戏
W
WeLiveSecurity
Cisco Talos Blog
Cisco Talos Blog
罗磊的独立博客

IC3.gov News

Internet Crime Complaint Center (IC3) Internet Crime Complaint Center (IC3) Internet Crime Complaint Center (IC3) Internet Crime Complaint Center (IC3) Internet Crime Complaint Center (IC3) Internet Crime Complaint Center (IC3) Internet Crime Complaint Center (IC3) Internet Crime Complaint Center (IC3) Internet Crime Complaint Center (IC3)
Internet Crime Complaint Center (IC3)
2026-06-27 · via IC3.gov News

The FBI and CISA are issuing this update to the , Public Service Announcement I-032026-PSA to provide additional information to the public and encourage device owners to take actions to protect themselves.

The FBI has identified multiple clusters of Russian Intelligence Services (RIS) cyber threat actors responsible for an ongoing commercial messaging application (CMA) phishing campaign against individuals of high intelligence value. Russian Federal Security Service (FSB) officers embedded with the FSB Border Guards and others working on behalf of the Russian military services continue to target current and former U.S. and international government officials, military personnel, political figures, journalists, and key officials located in Ukraine. RIS cyber threat actors have compromised individual CMA accounts, but not the CMA's encryption or the application itself. To date, this activity has been publicly tracked as UNC5792 and UNC4221.

RIS cyber threat actors continue to masquerade as automated CMA support accounts in updated phishing messages but have evolved their tactics to attempt to elicit victims' Backup Recovery Keys. RIS cyber threat actors continue to elicit victims' verification codes and account PINs (see Figure 1). If a targeted user backs up their CMA messages as directed in Figure 1 and later provides their Backup Recovery Key (see Figure 2), RIS cyber threat actors can view the account's historical messages, private and group messages, and take over the victim's account.

If a victim inadvertently shares their Backup Recovery Key, that same key remains valid even if they create a new account following the compromise using the same phone number. Consequently, the actor could potentially use the compromised key to take over the new account in the future as well.

To mitigate this risk, the user must generate a new Backup Recovery Key within the Settings control; this action will invalidate the previous key for all future backup downloads. However, please note that this does not prevent the actor from having already downloaded a backup of the original account.

For additional details on how cyber threat actors gain unauthorized access to CMA accounts and guidance to protect yourself from phishing campaigns, see the March 2026 Public Service Announcement I-032026-PSA.

Report It

If you or someone you know has fallen victim to this phishing campaign, file a complaint with IC3, report it to your local FBI field office, to CISA via the agency's Incident Reporting System or its 24/7 Operations Center (report@cisa.gov) or by calling 1-844-Say-CISA (1-844-729-2472). For additional information, see the FBI's guidance on Spoofing and Phishing. Additionally, see CISA's "Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications | CISA," "Phishing Guidance: Stopping the Attack Cycle at Phase One" and "Mobile Communications Best Practice Guidance."

Signal is here

Recently, attempts to hack users of our messenger with the connection of third-party devices to the account have become more frequent.

An investigation conducted jointly with the US government and European partners revealed that the attacks on accounts were carried out by hackers from Iran and post-Soviet countries.

In this regard, Signal updates Terms of Service & Privacy Policy, and introduces Mandatory Two-factor Verification for users.

Not to lose your messages and media, set up your Signal Backup (Settings -> Backups -> Enable backups -> View recovery key -> Copy to clipboard -> Next -> Enter the recovery key -> Next -> Continue -> Choose your backup plan).

Click the "Accept" button in the pop-up and stay tuned for security updates on our messenger.

Stay safe and thank you for using the most secure messenger with end-to-end encryption.

If you have any questions, send /help

Figure 1: Sample Phishing Message 1

Action Required: Data Recovery Needed

Your Signal Account data (messages and media) is at risk of permanent loss due to a sync issue.

To avoid losing your messages and media:

  1. Go to Settings -> Backups -> Configure -> Enable Backups -> View Recovery Key.
  2. Copy the recovery key to your clipboard.
  3. Paste the key into this chat.

This links your existing backup to your account. Failure to do this may result in losing access to your account and all stored data.

Figure 2: Sample Phishing Message 2