Russia used social engineering to breach messaging accounts, Ukraine says

Ukraine's Security Service (SBU) has detailed a prolonged Russian intelligence operation that targeted prominent messaging accounts through social engineering. The scheme involved operatives posing as technical support representatives to trick users into surrendering login credentials.

The campaign, described as long-running, leveraged the impersonation of trusted support channels to bypass security measures. While the SBU did not disclose the full scope of affected accounts, the method suggests a patient, persistent effort to infiltrate communications of high-value individuals.

Attackers crafted convincing personas and scenarios, likely using publicly available information to appear legitimate. The SBU's warning indicates that even informed users were susceptible when contacted by individuals posing as service providers, a common vector that exploits trust rather than technical vulnerabilities.

No specific technical indicators of compromise or exploited systems were detailed in the statement. The SBU urged heightened vigilance and recommended enabling multi-factor authentication—a defense that would not prevent credential theft but could limit account takeover if implemented properly.

Attribution of such operations remains challenging outside official intelligence channels. The SBU's announcement serves as both a warning and a framing of Russian tactics in the ongoing information conflict, though independent verification of the operation's scale and targets is limited.