Russian intelligence agencies attacked the messaging apps used by government officials and military personnel in Ukraine
Russian intelligence agencies carried out systematic cyberattacks on the messaging apps of officials, military personnel, politicians, and activists from Ukraine, Europe, and the United States.
According to Ukrainian intelligence, the attacks were aimed at gaining access to confidential military, political, and economic information, as well as stealing users’ personal data.
The SBU notes that Russian cyber groups used various hacking methods, including:
phishing SMS messages purportedly from “customer support”;
impersonating official bots and services;
and psychological pressure through mass messages sent in the morning when users are less attentive.
Such messages often contained fake requests to verify accounts or change access settings.
The SBU emphasized that the attacks are aimed not only at government agencies and the military, but also at ordinary Ukrainian accounts, which could become part of a broader data collection scheme.
Citizens are advised to follow basic cyber hygiene rules:
check active sessions in messaging apps and log out of unknown connections;
enable two-factor authentication;
use complex PINs and passwords;
do not share verification codes or access keys;
do not click on suspicious links, even if they come from people you know;
do not open unknown files or scan QR codes from unverified sources.
The SBU emphasizes that cyber threats from Russia remain systemic and target a wide range of users.
This was reported by the SBU, which uncovered these activities in collaboration with the U.S. FBI.
Previously, Russian hackers had compromised the accounts of real users on the social network Bluesky and published disinformation on their behalf.
As a reminder, the Russian hacking group Fancy Bear, which is linked to Russian military intelligence, hacked more than 280 email accounts belonging to government and military institutions in NATO countries and the Balkans.
Prior to this, hackers gained access to data from the booking website Booking.com, the company reported. The attackers were able to obtain information about customers’ reservations, and some users received emails on Sunday notifying them of a possible data breach.
