Telegram CEO Pavel Durov’s Arrest Upends Kremlin Military Communications

Telegram founder and CEO Pavel Durov was arrested Saturday night by French authorities on allegations that his social media platform was being used for child pornography, drug trafficking and organized crime. The move sparked debate over free speech worldwide from prominent anti-censorship figures including Elon Musk, Robert F. Kennedy. Jr. and Edward Snowden. However, “the immediate freakout came from Russia,” reports Politico. “That’s because Telegram is widely used by the Russian military for battlefield communications thanks to problems with rolling out its own secure comms system. It’s also the primary vehicle for pro-war military bloggers and media — as well as millions of ordinary Russians.” From the report: “They practically detained the head of communication of the Russian army,” Russian military blogger channel Povernutie na Z Voine said in a Telegram statement. The blog site Dva Mayora said that Russian specialists are working on an alternative to Telegram, but that the Russian army’s Main Communications Directorate has “not shown any real interest” in getting such a system to Russian troops. The site said Durov’s arrest may actually speed up the development of an independent comms system. Alarmed Russian policymakers are calling for Durov’s release.

“[Durov’s] arrest may have political grounds and be a tool for gaining access to the personal information of Telegram users,” the Deputy Speaker of the Russian Duma Vladislav Davankov said in a Telegram statement. “This cannot be allowed. If the French authorities refuse to release Pavel Durov from custody, I propose making every effort to move him to the UAE or the Russian Federation. With his consent, of course.” Their worry is that Durov may hand over encryption keys to the French authorities, allowing access to the platform and any communications that users thought was encrypted.

French President Emmanuel Macron said Monday that the arrest of Durov was “in no way a political decision.” The Russian embassy has demanded that it get access to Durov, but the Kremlin has so far not issued a statement on the arrest. “Before saying anything, we should wait for the situation to become clearer,” said Kremlin spokesperson Dmitry Peskov. However, officials and law enforcement agencies were instructed to clear all their communication from Telegram, the pro-Kremlin channel Baza reported. “Everyone who is used to using the platform for sensitive conversations/conversations should delete those conversations right now and not do it again,” Kremlin propagandist Margarita Simonyan said in a Telegram post. “Durov has been shut down to get the keys. And he’s going to give them.”

Read more of this story at Slashdot.

Samsung TVs Will Get 7 Years of Free Tizen OS Upgrades

Samsung Electronics said it will provide Tizen OS updates for its newer TVs for at least seven years, starting with models released in March this year and some 2023 models. Business Korea reports: [Yoon Seok-woo, President of Samsung Electronics’ Visual Display Business Division] emphasized that the seven-year free upgrade for Tizen applied to AI TVs would help Samsung widen the market share gap with Chinese competitors. Tizen, an in-house developed OS, has been applied to over 270 million Samsung smart TVs as of last year, making it the world’s largest smart TV platform and a key player in leading the Internet of Things (IoT) era. “AI TV will act as the hub of the AI home, connecting other AI appliances like refrigerators and air conditioners,” Yoon explained. “We will expand the AI home era by enabling users to monitor and control peripheral devices through the TV even when it is off or when the user is away.” This connectivity is a key differentiator from Chinese competitors, according to Yoon.

In the first half of this year, Samsung Electronics maintained the top spot in the global TV market with a 28.8% market share by revenue. However, the combined market share of Chinese companies TCL and Hisense has reached 22.1%, indicating fierce competition.

Read more of this story at Slashdot.

Hackers Have Found an Entirely New Way To Backdoor Into Microsoft Windows

A university in Taiwan was breached with “a previously unseen backdoor (Backdoor.Msupedge) utilizing an infrequently seen technique,” Symantec reports.

The most notable feature of this backdoor is that it communicates with a command-and-control server via DNS traffic… The code for the DNS tunneling tool is based on the publicly available dnscat2 tool. It receives commands by performing name resolution… Msupedge not only receives commands via DNS traffic but also uses the resolved IP address of the C&C server (ctl.msedeapi[.]net) as a command. The third octet of the resolved IP address is a switch case. The behavior of the backdoor will change based on the value of the third octet of the resolved IP address minus seven…

The initial intrusion was likely through the exploit of a recently patched PHP vulnerability (CVE-2024-4577). The vulnerability is a CGI argument injection flaw affecting all versions of PHP installed on the Windows operating system. Successful exploitation of the vulnerability can lead to remote code execution.
Symantec has seen multiple threat actors scanning for vulnerable systems in recent weeks. To date, we have found no evidence allowing us to attribute this threat and the motive behind the attack remains unknown.

More from The Record:
Compared to more obvious methods like HTTP or HTTPS tunneling, this technique can be harder to detect because DNS traffic is generally considered benign and is often overlooked by security tools.
Earlier in June, researchers discovered a campaign by suspected Chinese state-sponsored hackers, known as RedJuliett, targeting dozens of organizations in Taiwan, including universities, state agencies, electronics manufacturers, and religious organizations. Like many other Chinese threat actors, the group likely targeted vulnerabilities in internet-facing devices such as firewalls and enterprise VPNs for initial access because these devices often have limited visibility and security solutions, researchers said.
Additional coverage at The Hacker News.

Thanks to Slashdot reader joshuark for sharing the article.

Read more of this story at Slashdot.

Major Backdoor In Millions of RFID Cards Allows Instant Cloning