The severity is HIGH due to the potential for widespread exploitation targeting government officials, military personnel, and journalists. Real-world exploitability is high as phishing remains a prevalent attack vector, with no specific patches available.
Russian state-sponsored hackers are targeting Signal and WhatsApp users through phishing campaigns, leading to account takeovers. Attackers exploit legitimate authentication features by tricking users into sharing verification codes and PINs.
Affected Systems
- Signal
Affected Versions: All versions of Signal and WhatsApp that support SMS-based verification and device linking functionality
Remediation
- Disable automatic login prompts for Signal Security Support or any other unrecognized services within the app settings.
- Regularly review linked devices in both Signal and WhatsApp accounts to ensure no unauthorized access points exist.
- Do not share verification codes or PINs with anyone, including through unsolicited messages claiming to be from support.
Stack Impact
This does not directly affect nginx, docker, linux kernel, openssh, curl, openssl, python, or homelab components. However, it impacts messaging apps used for secure communications.