Cybercriminals lure Russian troops with fake dating profiles
Publish Date: 2026-06-12 01:05:00
Source Domain: www.escudodigital.com
A cyberespionage group that had not been documented until now is trying to compromise mobile phones, computer equipment, and Telegram accounts of Russian military personnel by posing as women seeking romantic relationships.
According to researchers from the Russian cybersecurity firm F6, this threat actor, which is called ‘SiribClone,’ has been active since last summer and has primarily targeted its social engineering attacks against members of the Russian armed forces located in border regions and combat zones.
The hackers' apparent goal is to gather intelligence by stealing files, monitoring communications, and collecting sensitive military information from Kremlin troops on the front lines, according to The Record Media.
After pretending to be women looking for a relationship (and even volunteers offering humanitarian aid) to start conversations, the cybercriminals end up persuading soldiers to download malicious apps or enter their Telegram credentials on malicious websites.
‘Before you know it,’ you have spyware on your phone
Victims are directed to click on links that hide malware under various pretexts. In some cases, the attackers claim to have developed a new app and ask users to test it. Another example is a request to exchange intimate photos through what appears to be a secure messaging app.
However, in reality, they lead them to download a spyware tool for Android that researchers have named ‘SafeLoveStealer,’ which had not been documented until now.
This malware is capable of stealing photos, videos, documents, and location data from infected devices, while giving attackers remote access to the microphone to record conversations.
SiribClone also operates phishing websites that resemble Telegram pages, community invitations from Pavel Durov’s platform, or medical tests. The attackers use two-factor verification to take control of compromised equipment.
The campaign was detected between January and…