Last week, Prime Minister Ismail Sabri Yaakob lost control of his Telegram account after it was hacked by unknown attackers. Foreign Affairs Minister Saifuddin Abdullah was hit shortly after.
Telegram is an instant messaging service. The two leaders joined an increasing number of prominent individuals who recently fell victim to hackers, who seem to be more active now.
While there are several ways this could have happened, experts say one common way hackers gain access is through simple trickery.
Cybersecurity expert Suresh Ramasamy told Malaysiakini that most of the cases saw hackers gaining control of their victims’ Telegram accounts by simply tricking them to reveal their access PIN codes.
Hackers use a feature in the Telegram application to migrate data to a new device, such as when one changes phones.
The hacker uses the victim’s phone number to register Telegram on the new device and only a PIN code is the last defence against complete data migration.
“The user (hacker) then requests a PIN code (from the victim) to register a new device. The PIN is then used on the new device to move all data and details to this new device.
“The attacker in this case forces the code insurance on the old device and tricks the user into revealing this PIN,” he said.
According to Suresh, such hacking activity is not exclusive to Telegram and does happen to all messaging platforms, including WhatsApp.
The rise in the number of cases involving Telegram could be due to the application gaining more popularity over WhatsApp.
He said users should be aware of the use of the PIN code and be careful when approached by any strangers with a request for such information from them.
Another expert, Khairil Yusof of technology NGO Sinar Project, concurred.
He said users should use the same logic in protecting their banking information, which is to never divulge their PIN, password, or code to unknown parties.
According to Khairil, hackers would usually ask their victims to forward the PIN code to them or will ask for a screenshot of the victim's app to view the code.
Telegram users should also enable two-factor authentication that uses a locally generated one-time password, or OTP, using an application on their phone such as Google Authenticator, he said.
“This would require the attacker to have physical access to your phone to get access to the time-sensitive codes which expire after a short period of time.
“For now, ensuring two-factor authentication should keep things safe from most remote attackers,” Khairil said.
There is also a more complex method to hack messaging applications like Telegram, he revealed, which bypasses the human element and directly hacks the victim's phone or computer.
“The attacker would try to get access to the phone or devices, for example, by attaching files that contain viruses or security exploits that would allow them to have remote access to those phones or devices.
“Or a link to install apps that have security vulnerabilities,” Khairil told Malaysiakini.
The expert pointed out that very large Telegram groups usually would see many unknown people sending files and links, and warned that users should be wary about opening files from unknown senders.
Detrimental to national security
However, unlike the average user, the implications of cabinet members having their messaging accounts hacked are far more serious.
Suresh said when a user loses control of a Telegram account, all the data shared via that account is compromised.
“Depending on the type of attack, it may not just be limited to Telegram but also to other apps as well. For a start, all Telegram data is compromised.
“Chats, pictures and even passwords… if Telegram was used to communicate passwords.”
This is more damaging and can be detrimental to the nation if the account belongs to a country leader or someone who holds a high position of authority.
These people, Suresh said, should be using a secured environment and devices for their communication.
“For example, corporations use MDM (mobile device management) with their own communications suite… and avoid public services.
“This prevents such attacks as you have a highly managed and secured environment that prevents outsiders from peering/hacking into the systems,” he said.
Last week, Ismail Sabri reportedly lost control of his Telegram and Signal messaging application accounts to hackers.
Several hours later, Saifuddin also tweeted that a similar incident happened to his Telegram account and urged anyone who receives a message from the account to ignore it and lodge a report with authorities.
Prior to this, Umno president Ahmad Zahid Hamidi's messaging accounts were also reportedly hacked, in February.
Meanwhile, the Malaysian Communications and Multimedia Commission (MCMC) when contacted said it received 1,795 complaints regarding cyber incidents as of July this year.
The complaints included cases of unauthorised access to social media and personal messaging accounts.
The commission also advised the public to secure their accounts, including by activating two-factor authentication. - Mkini
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.