BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Vulnerabilities in Signal messenger allow hackers to read deleted messages


    Cybersecurity researcher John Jackson found that flaws in the app allow an attacker to view deleted attachments in messages.

    During the experiment, it turned out that the Signal messenger saves all sent attachments in the C:\Users\foo\AppData\Roaming\Signal\attachments.noindex\*\ directory. If the user deletes an attachment from a chat, it is automatically removed from the directory. But if someone replied to a message with an attachment, then the deleted image remains in the catalog in clear text.

    In other words, an attacker who can access these files will not even need to decrypt them. In addition, there is no regular cache cleaning in the folder, so undeleted files simply lie in this folder in unencrypted form.

    Moreover, a cybercriminal can change the file stored in the cache. However, it will not be replaced automatically by the interlocutors, as each Signal Desktop client has its own local cache. If the victim, after replacing the file, sends the existing thread to other chats, then it will contain the already modified attachment, and not the original one.

    By going to the "attachments.noindex" folder on the victim's machine, the hacker needs to make a copy of the file into which they can inject a malicious shellcode. Copying the PDF filename overwrites it with a malicious PDF that looks like the victim's original file. When sending the document, the victim will see the same file name and preview, but this PDF already contains malware.

    The vulnerabilities have been assigned IDs CVE-2023-24068 and CVE-2023-24069. At the moment, the rating and additional information about the shortcomings is unknown.

    Author DeepWeb
    Canadian firm announces readiness for commercial production of psilocybin mushrooms
    LockBit group claims responsibility for cyberattack on US TV channel

    Comments 0

    Add comment