SiribClone Cyber Spies Are Attacking Russian Military Personnel

Cybersecurity experts have identified a new cyber espionage group called SiribClone. This group is targeting Russian military personnel, attempting to access their Telegram accounts and install malware on their devices. The attackers are mainly distributing viral files disguised as document archives or photo-sharing applications. According to Ixbt.com reports .

The SiribClone group uses several strategies to achieve its goals. A special malware called SiribGrabber has been developed for computer users, which steals personal, technical, and geographic information. Additionally, hackers are deceiving users through fake websites and ZIP archives to gain access to systems.

Social engineering methods are being used for mobile devices. Hackers pose as girls on dating apps to communicate with military personnel, offering them to download a spyware app called SafeLoveStealer. This app secretly transmits audio, video, and geolocation data to a server.

Furthermore, phishing pages are being used to hijack Telegram accounts. Experts note that hackers monitor messages in stolen accounts in real time through a special interface. Brief information about each victim is kept, including notes on their military ranks and service locations.