{"id":270865,"date":"2026-06-12T01:05:00","date_gmt":"2026-06-12T05:05:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/12\/cybercriminals-lure-russian-troops-with-fake-dating-profiles\/"},"modified":"2026-06-12T01:50:16","modified_gmt":"2026-06-12T05:50:16","slug":"cybercriminals-lure-russian-troops-with-fake-dating-profiles","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/12\/cybercriminals-lure-russian-troops-with-fake-dating-profiles\/","title":{"rendered":"Cybercriminals lure Russian troops with fake dating profiles"},"content":{"rendered":"<p><a href=\"https:\/\/www.escudodigital.com\/en\/cybersecurity\/cybercriminals-lure-russian-troops-with-fake-dating-profiles.html\">Cybercriminals lure Russian troops with fake dating profiles<\/a><\/p>\n<p><a href=\"https:\/\/www.escudodigital.com\/en\/cybersecurity\/cybercriminals-lure-russian-troops-with-fake-dating-profiles.html\">https:\/\/www.escudodigital.com\/en\/cybersecurity\/cybercriminals-lure-russian-troops-with-fake-dating-profiles.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-12 01:05:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.escudodigital.com\">www.escudodigital.com<\/a><\/p>\n<p>A cyberespionage group that had not been documented until now is trying to compromise mobile phones, computer equipment, and Telegram accounts of Russian military personnel by <strong>posing as women seeking romantic relationships.<\/strong><\/p>\n<p>According to researchers from the Russian cybersecurity firm F6, this threat actor, which is called <strong>&#8216;SiribClone,&#8217; <\/strong>has been active since last summer and has primarily targeted its social engineering <strong>attacks against members of the Russian armed forces located in border regions and combat zones.<\/strong><\/p>\n<p>The goal of these hackers would be <strong>to gather intelligence by stealing files, monitoring communications, and collecting sensitive military information<\/strong> from Kremlin troops on the front lines, according to The Record Media.<\/p>\n<p>After pretending to be women looking for a relationship (and even volunteers offering humanitarian aid) to start conversations, the cybercriminals end up <strong>persuading soldiers to download malicious apps or enter their Telegram credentials on malicious websites.<\/strong><\/p>\n<h2>&#8216;Before you know it,&#8217; you have spyware on your phone<\/h2>\n<p>Victims are directed to click on links that hide malware under various pretexts. In some cases, they claim to have developed a new app and ask users to test it. Other example is a request <strong>to exchange intimate photos through what appears to be a secure messaging app.<\/strong><\/p>\n<p>However, in reality, they lead them to download a spyware tool for Android that researchers have named <strong>&#8216;SafeLoveStealer,&#8217; <\/strong>which had not been documented until now.<\/p>\n<p>This malware is capable of stealing photos, videos, documents, location, and localization data from infected devices, while allowing attackers remote access to the microphone and recording conversations.<\/p>\n<p>SiribClone also operates phishing websites that resemble Telegram pages, community invitations from Pavel Durov&#8217;s platform, or medical tests. The attackers use two-factor verification to take control of compromised equipment.<\/p>\n<p>The campaign was detected between January and&#8230;<\/p>\n<p><a href=\"https:\/\/www.escudodigital.com\/en\/cybersecurity\/cybercriminals-lure-russian-troops-with-fake-dating-profiles.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals lure Russian troops with fake dating profiles https:\/\/www.escudodigital.com\/en\/cybersecurity\/cybercriminals-lure-russian-troops-with-fake-dating-profiles.html Publish Date: 2026-06-12 01:05:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":270868,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/d3fkdmlbzjtjd3.cloudfront.net\/articulos\/articulos-80472.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[32,25,34],"class_list":["post-270865","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-malware","tag-phishing","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/270865"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=270865"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/270865\/revisions"}],"predecessor-version":[{"id":270869,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/270865\/revisions\/270869"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/270868"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=270865"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=270865"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=270865"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}