The Phone of an Australian Minister Has Been Hacked, as a Report Reveals a Hong Kong Connection
A second senior Australian government minister has reported that his mobile phone was hacked via the Telegram messaging app, with a media report claiming that the phishing scam was designed to obtain the contact information of pro-democracy activists in Hong Kong.
The office of Health Minister Greg Hunt said via email on Thursday that “a cyber security attempt to impersonate the minister has been referred to the Australian Federal Police and investigations are underway.” This follows Finance Minister Simon Birmingham's declaration on Monday that he had been hacked.
The Australian newspaper confirmed late Wednesday that someone impersonating Birmingham was provided with the contact information of pro-democracy Hong Kong residents, with one of the recipients being asked, "Do you have any contacts in Hong Kong?"
The individual handed over personal information about Hong Kong residents without realizing they were communicating with a cyber-hacker, the newspaper said, citing an unidentified source.
On Tuesday, Birmingham testified before a parliamentary committee that the hacker obtained access to contacts on his government phone who used the Telegram app. He added that another request had been made by the individual posing as the minister for money to be transferred to a bank account outside Australia.
“The AFP is attempting to determine how some data was secured and is attempting to convince Telegram to shut down the false account,” Birmingham said in a transcript sent from his office.
The Australian Federal Police warned on Thursday that the phishing operation, which was first reported to authorities on March 18, originated with WhatsApp.
According to the alert, the scam "appear[s] as a request from a trusted colleague." Victims were contacted via WhatsApp and instructed to download Telegram for 'further communication.'"
Additionally, the WhatsApp message requested that the recipient forward the two-factor authentication codes to the sender upon installing Telegram, which should have raised red flags with recipients. Two-factor authentication adds another layer of protection to users' computers and online accounts, preventing unauthorized entry. In most instances, the codes will arrive directly on a person's phone, alerting them of an account violation if they are unaware of the operation.
The Australian Signals Directorate did not respond to a request for comment about the scam. Telegram has not responded to a request for comment sent through its website on Sunday or via its mobile app on Thursday.
The office of Prime Minister Scott Morrison said Monday that it would not comment on police matters, and calls for comment from other senior ministers on whether they were targeted have gone unanswered.