Signal messenger accused of inaction in the face of Russian cyber threats
12 March 2025 09:42
The National Security and Defense Council of Ukraine has accused the Signal messenger of refusing to cooperate with law enforcement agencies, which complicates the fight against enemy cyberattacks. This was reported by the specialized publication Dev.ua, according to
The statement was made by Deputy Secretary of the National Security and Defense Council Serhiy Demediuk during an international cybersecurity forum in Kyiv.
As explained by the NSDC, after the arrest of Pavel Durov in Paris, Telegram began to cooperate with government and law enforcement agencies, which forced Russian cybercriminals to switch to Signal. The lack of interaction between the messenger and law enforcement makes it difficult to detect and neutralize attacks.
“The company’s inaction impairs its ability to counter Russian threats. We hope that Signal will heed our call,” emphasized Sergiy Demediuk.
The forum is also discussing how to improve coordination between countries in the field of cyber defense, as well as the need to focus not only on defense but also on active measures to counter threats. According to the experts, it should take no more than 40 minutes to effectively stop hackers’ activities, which requires a prompt response and coordinated action by the international community.
Signal messenger was attacked by Russian hackers
Google’s Threat Intelligence Group reported that the APT44 hacker group (also known as Sandworm) and other hackers with ties to Russia have invented new ways to spy on Signal accounts used by the Ukrainian military and government officials.
As noted in a study by the Google Threat Intelligence Group, this is often done through malicious QR codes, as well as through devices captured on the battlefield. Google recommended that all Signal users update the app to the latest version.
20% of cyberattacks are now directed at Ukraine
The current stage of cyber warfare is marked by high-quality phishing campaigns targeting specific individuals of interest to Russia. This was stated at an international forum on cybersecurity by Serhiy Prokopenko, head of the National Coordination Center for Cybersecurity.
According to him, attacks are carried out not only on computers but also on mobile devices of the Ukrainian military and high-ranking officials. This allows access to critical data.
In addition, cyberattacks are being coordinated with military and information operations. For example, after massive missile attacks on Ukrainian cities, the next day there are reports of massive mining of infrastructure. Russia is also actively conducting disinformation campaigns, trying to create an image of Ukraine as an aggressor.
The role of cybercriminals, who are used by the Kremlin to its advantage, has increased significantly. For example, attacks on Ukrainian financial institutions are often carried out by groups that used to steal money and now work in the interests of Russian special services.
Ukraine will cooperate with the European Cyber Competence Center
The memorandum signed by the parties envisages strengthening collective cybersecurity, data exchange and joint counteraction to cyber threats.
The NSDC and the European Cyber Competence Center agreed to actively cooperate in detecting, analyzing and preventing cyber threats, which will help strengthen the cyber resilience of Ukraine and the European Union in the face of growing cyber threats.
