



{"id":32764,"date":"2022-05-11T12:18:18","date_gmt":"2022-05-11T12:18:18","guid":{"rendered":"https:\/\/media.am\/?p=32764"},"modified":"2022-05-14T12:32:39","modified_gmt":"2022-05-14T12:32:39","slug":"telegram-and-other-messengers-are-at-risk-in-armenia","status":"publish","type":"post","link":"https:\/\/media.am\/en\/critique\/2022\/05\/11\/32764\/","title":{"rendered":"Telegram And Other Messengers Are At Risk In Armenia"},"content":{"rendered":"<p><span data-contrast=\"auto\">A few days ago, information was spread that <\/span><a href=\"https:\/\/www.panorama.am\/am\/news\/2022\/05\/03\/%D6%83%D5%B8%D6%80%D5%B1%D5%A1%D5%A3%D5%A5%D5%BF-%D5%AD%D5%B8%D6%80%D5%B0%D5%B8%D6%82%D6%80%D5%A4\/2676486\" target=\"_blank\" rel=\"noopener noreferrer\"><span data-contrast=\"none\">attempts were being made to hack into the Telegram accounts<\/span><\/a><span data-contrast=\"auto\"> of opposition figures (the names are not published). Then more interesting details appeared: These are at least <\/span><a href=\"https:\/\/twitter.com\/RubenMuradyan\/status\/1521497115075264513\" target=\"_blank\" rel=\"noopener noreferrer\"><span data-contrast=\"none\">three Telegram accounts<\/span><\/a><span data-contrast=\"auto\"> that have been stolen. And then they spread links that were supposed to take victims to websites, infecting them with Predator spyware.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">This one paragraph contains a wealth of interesting information, so let&#8217;s turn it over and understand what is important today.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<ol>\n<li><span data-contrast=\"auto\"> How do they hack into Telegram?<\/span><\/li>\n<\/ol>\n<p><span data-contrast=\"auto\">There is basically one common and easy (for power structures) form. The attacker&#8217;s SIM card is cloned. (The original in such a case is deactivated). Then the attacker puts the victim&#8217;s number on his phone, activates Telegram, receives the activation code via SMS, and voila, the victim&#8217;s account is connected to their phone. We know of cases when the activation SMS was extorted in another way in Armenia, even <\/span><a href=\"https:\/\/cyberhub.am\/hy\/blog\/2020\/04\/05\/sms_2fa_sedrak_mkrtchyan\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span data-contrast=\"none\">without deactivating the victim&#8217;s number<\/span><\/a><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Other messengers like WhatsApp, Facebook Messenger, Signal, Viber, etc. can be hacked in the same way. Although, the etceteras are not so important anymore, as these alone already include the main active messengers in Armenia.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">b\u2024 Why break into Messenger if it is often not possible to read the previous correspondence?<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The very latest case shows that there can be indirect problems. For example, the victim of an attack could be an intermediary through whom other people could be infected with spyware.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">That is, someone&#8217;s account is hacked, then an infected link is sent on their behalf to the people who need to be followed. And the targets, receiving the link from a close and reliable acquaintance, will most likely follow the link.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">c\u2024 It is also important to understand what spyware they are.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Let me remind you that a few months ago there was talk about dozens of infections in Armenia through the famous <\/span><a href=\"http:\/\/media.am\/en\/critique\/2021\/11\/25\/30693\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span data-contrast=\"none\">Pegasus<\/span><\/a><span data-contrast=\"auto\"> program. However, in this case, there was no clear client. There was a possibility that the infections were coming from neighboring Azerbaijan or Turkey (in the case of Pegasus, most likely, it was about several waves of infections, with different customers).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">But now we are talking about the Predator spyware program. In this case, we have the first evidence that the buyer and user is the <\/span><a href=\"https:\/\/citizenlab.ca\/2021\/12\/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span data-contrast=\"none\">Armenian government<\/span><\/a><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">d\u2024 What can be done to prevent such an attack?<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">This is important not only for politicians but also for journalists, activists, and human rights activists. It is necessary to activate two-stage protection in messengers.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">It is very easy to do in Telegram. You need to enter the settings, then select the security section, and from there 2-factor authentication and activate the password. After that, even if someone extorts the activation code via SMS, they will not be able to install your Telegram account on their device without a password.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The same goes for other messengers. In the case of Facebook Messenger, it is a common Facebook account. Unfortunately, Viber has a less responsible manufacturer that still does not provide two-stage activation, which means that this messenger is not secure.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Although the manufacturer has promised to finally turn on the two-phase in the coming weeks, until then, Viber is worth using only to send water meter data.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p style=\"text-align: right\"><b><span data-contrast=\"auto\">Samvel Martirosyan<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:3,&quot;335551620&quot;:3,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A few days ago, information was spread that attempts were being made to hack into the Telegram accounts of opposition figures (the names are not published). Then more interesting details appeared: These are at least three Telegram accounts that have been stolen. And then they spread links that were supposed to take victims to websites,<a class=\"moretag\" href=\"https:\/\/media.am\/en\/critique\/2022\/05\/11\/32764\/\"> Read the full article&#8230;<\/a><\/p>\n","protected":false},"author":3,"featured_media":32727,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"ngg_post_thumbnail":0,"footnotes":""},"categories":[16,212],"tags":[],"class_list":["post-32764","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-critique","category-featured-post","author_posts-samvel-martirosyan"],"acf":[],"_links":{"self":[{"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/posts\/32764","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/comments?post=32764"}],"version-history":[{"count":1,"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/posts\/32764\/revisions"}],"predecessor-version":[{"id":32765,"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/posts\/32764\/revisions\/32765"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/media\/32727"}],"wp:attachment":[{"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/media?parent=32764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/categories?post=32764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/media.am\/en\/wp-json\/wp\/v2\/tags?post=32764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}