B
ä»é±äž
FBIãšCISAã¯ããã·ã¢ã®è«å ±æ©é¢ïŒRISïŒãSignalãWhatsAppã®ããã¯ã¢ãããªã«ããªããŒãæšçãšãããã£ãã·ã³ã°æ»æãè¡ã£ãŠãããšèŠåããŸãã
ð äžèšã§ãããš
FBIãšCISAã¯ããã·ã¢ã®è«å ±æ©é¢ïŒRISïŒãSignalãWhatsAppã®ããã¯ã¢ãããªã«ããªããŒãæšçãšãããã£ãã·ã³ã°æ»æãè¡ã£ãŠãããšèŠåããŸãããæ»æè
ããã®ããŒãå
¥æãããšãã¢ã«ãŠã³ãã®ããã¯ã¢ããã埩å
ããŠã¡ãã»ãŒãžå±¥æŽãé²èŠ§ããã¢ã«ãŠã³ããä¹ã£åãããšãå¯èœã§ããäžåºŠæµåºããããŒã¯ãåãé»è©±çªå·ã§æ°ããã¢ã«ãŠã³ããäœæããŠãæå¹ã§ãããèšå®ããæ°ããããŒãçæããŠå€ãããŒãç¡å¹åããå¿
èŠããããŸãã
ð該åœå€å®
- æ¥åã§ã¡ãã»ãŒãžã¢ããªã®ãSignalããå©çšããŠãã
- Signalã®ãããã¯ã¢ãã埩æ§ããŒïŒRecovery KeyïŒããä¿åã»ç®¡çããŠãã
- SignalãWhatsAppãå©çšããŠãããäžå¯©ãªã¡ãŒã«ãã¡ãã»ãŒãžããèªå°ããããµã€ãã«æ å ±ãå ¥åããå¿åœããããã
äžèšãããã«ã該åœããªã â é芳ã§OK
â
該åœæã®å¯Ÿå¿
äžå¯©ãªã¡ãã»ãŒãžãããªã«ããªããŒãå
±æããªãããšãäžãäžæµåºããçããããå Žåã¯ãSignalã®èšå®ããæ°ãããªã«ããªããŒãçæããå€ãããŒãç¡å¹åããŠãã ããã
ð§ ã¡ãŒã«æ¡ãèŠã (瀟å¡åã + 管çè åã)
â ïž ãã㯠AI ãçæããåèäŸã§ããé
ä¿¡åã«å¿
ãå
容ãã確èªã®ããã貎瀟ã®ç¶æ³ã«åãããŠç·šéããŠãå©çšãã ãããå®éã®è¢«å®³ç¶æ³ãèªç€Ÿã®å©çšç°å¢ãèžãŸããå€æã¯ã貎瀟ã®ã»ãã¥ãªãã£è²¬ä»»è
ã«ã確èªãã ããã
件å: ã泚æåèµ·ãã¡ãã»ãŒãžã¢ããªïŒSignal/WhatsAppïŒã®ãªã«ããªããŒå
±æã«é¢ãã泚æã«ã€ããŠ
ãç²ãããŸã§ããæ å ±ã·ã¹ãã æ åœã§ãã
ãã·ã¢ã®æ»æè ããSignalãWhatsAppã®ãããã¯ã¢ãããªã«ããªããŒããçã¿åºããã¢ã«ãŠã³ããä¹ã£åãæ»æãè¡ã£ãŠããããšãå ±åãããŸããã
ãååããé¡ããããããš:
1. ã¢ããªã®ããªã«ããªããŒãããããã¯ã¢ããããŒããããããªãçç±ããã£ãŠã第äžè ã«æããªãã§ãã ããã
2. äžå¯©ãªã¡ãŒã«ãã¡ãã»ãŒãžã«èšèŒããããªã³ã¯ãããããŒã®å ¥åãæ±ããããå Žåã¯çµ¶å¯Ÿã«å¿ããªãã§ãã ããã
察å¿æé: æ¬æ¥äžïŒç¢ºèªããé¡ãããŸãïŒ
ãç²ãããŸã§ããæ å ±ã·ã¹ãã æ åœã§ãã
ãã·ã¢ã®æ»æè ããSignalãWhatsAppã®ãããã¯ã¢ãããªã«ããªããŒããçã¿åºããã¢ã«ãŠã³ããä¹ã£åãæ»æãè¡ã£ãŠããããšãå ±åãããŸããã
ãååããé¡ããããããš:
1. ã¢ããªã®ããªã«ããªããŒãããããã¯ã¢ããããŒããããããªãçç±ããã£ãŠã第äžè ã«æããªãã§ãã ããã
2. äžå¯©ãªã¡ãŒã«ãã¡ãã»ãŒãžã«èšèŒããããªã³ã¯ãããããŒã®å ¥åãæ±ããããå Žåã¯çµ¶å¯Ÿã«å¿ããªãã§ãã ããã
察å¿æé: æ¬æ¥äžïŒç¢ºèªããé¡ãããŸãïŒ
Subject: [Security Alert] Warning Regarding Signal/WhatsApp Recovery Keys
Hi everyone,
It has been reported that attackers are attempting to steal "Backup Recovery Keys" for Signal and WhatsApp to take over user accounts.
What we need you to do:
1. Never share your app recovery keys or backup keys with anyone, regardless of the reason.
2. Do not enter your recovery keys into any website or link provided in suspicious messages.
Deadline: Immediate
Hi everyone,
It has been reported that attackers are attempting to steal "Backup Recovery Keys" for Signal and WhatsApp to take over user accounts.
What we need you to do:
1. Never share your app recovery keys or backup keys with anyone, regardless of the reason.
2. Do not enter your recovery keys into any website or link provided in suspicious messages.
Deadline: Immediate
件å: ãå
±æããã·ã¢ç³»APTã«ããSignal/WhatsAppãªã«ããªããŒæšçæ»æã«ã€ããŠ
ãç²ãããŸã§ãããã·ã¢ã®è«å ±æ©é¢ïŒRISïŒã«é¢é£ããã¢ã¯ã¿ãŒïŒUNC5792, UNC4221ïŒã«ããæ°ææ³ã«é¢ããæ å ±å ±æã§ãã
â æŠèŠ
æ»æè ããã£ãã·ã³ã°ãéããŠSignalã®ããã¯ã¢ãããªã«ããªããŒãçªåããã¢ã«ãŠã³ãã®å®å šãªä¹ã£åãããã³ã¡ãã»ãŒãžå±¥æŽã®åŸ©å ãè¡ããã£ã³ããŒã³ã芳枬ãããŠããŸããç¹çãã¹ãã¯ãåäžé»è©±çªå·ã§ã¢ã«ãŠã³ããåäœæããŠãæ§ããŒãæå¹ã§ãããèšå®ããæ瀺çã«æ°ããŒãçæããªãéããªã¹ã¯ãç¶ç¶ããããšã§ãã
â 圱é¿ç¯å²
- Signal, WhatsApp å©çšãŠãŒã¶ãŒ
â 察å¿æé
1. ãŠãŒã¶ãŒã«å¯Ÿãããªã«ããªããŒã第äžè ã«å ±æããªãããåšç¥åŸ¹åºããã
2. ããŒæµåºã®çãããããŠãŒã¶ãŒã«ã¯ãèšå®ã¡ãã¥ãŒããæ°ãããªã«ããªããŒãçæãããæ§ããŒãç¡å¹åãããã
â åèæ å ±
- FBI/CISA Advisory PSA I-062626-PSA
察å¿åªå 床: é«
察å¿æé: éããã«
ãç²ãããŸã§ãããã·ã¢ã®è«å ±æ©é¢ïŒRISïŒã«é¢é£ããã¢ã¯ã¿ãŒïŒUNC5792, UNC4221ïŒã«ããæ°ææ³ã«é¢ããæ å ±å ±æã§ãã
â æŠèŠ
æ»æè ããã£ãã·ã³ã°ãéããŠSignalã®ããã¯ã¢ãããªã«ããªããŒãçªåããã¢ã«ãŠã³ãã®å®å šãªä¹ã£åãããã³ã¡ãã»ãŒãžå±¥æŽã®åŸ©å ãè¡ããã£ã³ããŒã³ã芳枬ãããŠããŸããç¹çãã¹ãã¯ãåäžé»è©±çªå·ã§ã¢ã«ãŠã³ããåäœæããŠãæ§ããŒãæå¹ã§ãããèšå®ããæ瀺çã«æ°ããŒãçæããªãéããªã¹ã¯ãç¶ç¶ããããšã§ãã
â 圱é¿ç¯å²
- Signal, WhatsApp å©çšãŠãŒã¶ãŒ
â 察å¿æé
1. ãŠãŒã¶ãŒã«å¯Ÿãããªã«ããªããŒã第äžè ã«å ±æããªãããåšç¥åŸ¹åºããã
2. ããŒæµåºã®çãããããŠãŒã¶ãŒã«ã¯ãèšå®ã¡ãã¥ãŒããæ°ãããªã«ããªããŒãçæãããæ§ããŒãç¡å¹åãããã
â åèæ å ±
- FBI/CISA Advisory PSA I-062626-PSA
察å¿åªå 床: é«
察å¿æé: éããã«
Subject: [Intel] Russian APT Targeting Signal/WhatsApp Recovery Keys
Hi team,
Sharing intelligence regarding a campaign by Russian Intelligence Services (RIS) actors UNC5792 and UNC4221.
â Overview
Attackers are using phishing to coax targets into handing over Signal Backup Recovery Keys. This allows them to restore backups, read message histories, and maintain persistence. Notably, the key remains valid even if the user creates a new account with the same phone number.
â Scope
- Users of Signal and WhatsApp
â Mitigation Steps
1. Educate users to never share recovery keys via any channel.
2. For compromised accounts, instruct users to generate a new key in Settings to invalidate the previous one.
â Reference
- FBI/CISA Advisory PSA I-062626-PSA
Priority: High
Deadline: Immediate
Hi team,
Sharing intelligence regarding a campaign by Russian Intelligence Services (RIS) actors UNC5792 and UNC4221.
â Overview
Attackers are using phishing to coax targets into handing over Signal Backup Recovery Keys. This allows them to restore backups, read message histories, and maintain persistence. Notably, the key remains valid even if the user creates a new account with the same phone number.
â Scope
- Users of Signal and WhatsApp
â Mitigation Steps
1. Educate users to never share recovery keys via any channel.
2. For compromised accounts, instruct users to generate a new key in Settings to invalidate the previous one.
â Reference
- FBI/CISA Advisory PSA I-062626-PSA
Priority: High
Deadline: Immediate