Notices where this attachment appears
-
Embed this notice
Michał "rysiek" Woźniak · 🇺🇦 (rysiek@mstdn.social)'s status on Wednesday, 19-Feb-2025 22:30:11 JST 
Michał "rysiek" Woźniak · 🇺🇦
Technical details in the report:
https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messengerThe tl;dr is:
Signal uses https://signal[.]group/#hash-fragment links in QR codes that allow people to join groups. Group identifier is in the hash-fragment.
The link loads in a browser first. A bit of JS redirects it to a sgnl://signal[.]group/hash-fragment link that is then handled directly by Signal app on mobile.
Malicious QR codes use a different domain (list in the report) and redirect to a sgnl://linkdevice URL instead.
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.