WhatsApp and its parent Meta asked a judge to award them a total win against spyware maker NSO Group as punishment for discovery violations in a years-long case accusing the Israeli company of violating anti-hacking laws. From a report: NSO Group violated the Federal Rules of Civil Procedure, repeatedly ignoring the court's orders and its discovery obligations, according to a motion for sanctions filed Wednesday in the US District Court for the Northern District of California. "NSO's discovery violations were willful, and unfairly skew the record on virtually every key issue in the case, from the merits, to jurisdiction, to damages, making a full and fair trial on the facts impossible," they said. Judge Phyllis J. Hamilton should award the companies judgment as a matter of law or, "if the court finds that the limited discovery produced in this case does not suffice," enter default judgment against NSO, WhatsApp and Meta wrote.

The social media platforms first filed their complaint in October 2019, accusing NSO of using WhatsApp to install NSO spyware on the phones of about 1,400 WhatsApp users. The move follows Apple asking a court last month to dismiss its three-year-old hacking lawsuit against spyware pioneer NSO Group, arguing that it might never be able to get the most critical files about NSO's Pegasus surveillance tool and that its own disclosures could aid NSO and its increasing number of rivals.

An anonymous reader quotes a report from Ars Technica: Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerability, tracked as CVE-2024-45519, resides in the Zimbra email and collaboration server used by medium and large organizations. When an admin manually changes default settings to enable the postjournal service, attackers can execute commands by sending maliciously formed emails to an address hosted on the server. Zimbra recently patched the vulnerability. All Zimbra users should install it or, at a minimum, ensure that postjournal is disabled.

On Tuesday, Security researcher Ivan Kwiatkowski first reported the in-the-wild attacks, which he described as "mass exploitation." He said the malicious emails were sent by the IP address 79.124.49[.]86 and, when successful, attempted to run a file hosted there using the tool known as curl. Researchers from security firm Proofpoint took to social media later that day to confirm the report. On Wednesday, security researchers provided additional details that suggested the damage from ongoing exploitation was likely to be contained. As already noted, they said, a default setting must be changed, likely lowering the number of servers that are vulnerable. [...]

Proofpoint has explained that some of the malicious emails used multiple email addresses that, when pasted into the CC field, attempted to install a webshell-based backdoor on vulnerable Zimbra servers. The full cc list was wrapped as a single string and encoded using the base64 algorithm. When combined and converted back into plaintext, they created a webshell at the path: /jetty/webapps/zimbraAdmin/public/jsp/zimbraConfig.jsp. Proofpoint went on to say: "Once installed, the webshell listens for inbound connection with a pre-determined JSESSIONID Cookie field; if present, the webshell will then parse the JACTION cookie for base64 commands. The webshell has support for command execution via exec or download and execute a file over a socket connection."

After fifteen years of fighting to make the web safer and more accessible, the World Wide Web Foundation is shutting down. From a report: In a letter shared via the organization's website, co-founders Sir Tim Berners-Lee -- inventor of the World Wide Web -- and Rosemary Leith explain that the organization's mission has been somewhat accomplished and a new battle needs to be waged. When the foundation was founded in 2009, just over 20 percent of the world had access to the web and relatively few organizations were trying to change that, say Sir Tim and Leith. A decade and a half later, with nearly 70 percent of the world online, there are many similar non-governmental organizations trying to make the web more accessible and affordable.

The two founders thank their supporters over the years who "have enabled us to move the needle in a big way" with regard to access and affordability. But the issues facing the web have changed, they insist, and the foundation believes other advocacy groups can take it from here. Chief among the more pressing problems, claim Sir Tim and Leith, is the social media business model that commoditized user data and concentrates power with platforms, contrary to Sir Tim's original vision for the web. To address that threat, Sir Tim intends to dismantle his foundation so he can focus on decentralized technology. "We, along with the Web Foundation board, have been asking ourselves where we can have the most impact in the future," the authors say. "The conclusion we have reached is that Tim's passion on restoring power over and control of data to individuals and actively building powerful collaborative systems needs to be the highest priority going forward. In order to best achieve this, Tim will focus his efforts to support his vision for the Solid Protocol and other decentralized systems."

schwit1 shares a report from The Independent: Thousands of Bank of America customers reported trouble accessing their bank accounts Wednesday afternoon as the financial institution faced a widespread outage. On social media, customers said they could not view their account balances. Those who could view their accounts said they were met with an alarming $0 balance. For many, a "Connection Error" message popped up while trying to log into the banking app. The message said it was "unable to complete your request" and asked the user to "try again later."

By 1:15 p.m. Eastern Time, nearly 20,000 customers said they were having trouble, according to Downdetector, which reports web outages. That number dropped before rising again around 2:45 p.m. ET. It is unclear what caused the outage

Apple's iOS 18 update has introduced changes to contact sharing that could significantly impact social app developers. The new feature allows users to selectively share contacts with apps, rather than granting access to their entire address book. While Apple touts this as a privacy enhancement, developers warn it may hinder the growth of new social platforms. Nikita Bier, a start-up founder, called it "the end of the world" for friend-based social apps. Critics argue the change doesn't apply to Apple's own services, potentially giving the tech giant an unfair advantage.

Russian authorities are considering a ban on Discord, citing unspecified legal violations. According to the Russian daily newspaper Kommersant, the ban may happen "in the coming days." PC Gamer reports: The opening salvo has already been fired. The Russian state media regulator Roskomnadzor has issued five separate rulings relating to Discord since September 20, which can all now be used as justification for an upcoming ban. Say what you will about authoritarian regimes, but they love their bureaucracy. Kommersant quotes an anonymous official source as saying the ban is being considered for violations of Russian law: needless to say, these violations have not been detailed, nor are likely to be.

Russian users have also complained about periodic outages on Discord over September, with many resorting to VPNs, and both the web and mobile versions of the platform affected. Should the ban become a reality, the big losers will be Russian players and developers, with no obvious domestic replacement. "The problem is that for Russian developers, communication with the community, including the international one, and technical support are implemented through Discord," said Vasily Ovchinnikov, head of Russia's Organization for the Development of the Video Game Industry. Today, a Moscow court fined Discord 3.5 million roubles ($37,675) for, apparently, failing to restrict access to banned information.

Reddit has implemented new restrictions on moderators' ability to alter community visibility settings, the social media platform announced Monday. Moderators must now obtain admin approval before switching subreddits between public, private, or NSFW status.

The move comes in response to last year's widespread protests against API pricing changes, during which thousands of subreddits went private, disrupting platform accessibility. Reddit VP Laura Nestler stated the policy aims to prevent actions that "deliberately cause harm" and protect the site's long-term health.

Meta has been fined $101.5 million by the Irish Data Protection Commission (DPC) for storing over half a billion user passwords in plain text for years, with some engineers having access to this data for over a decade. The issue, discovered in 2019, predominantly affected non-US users, especially those using Facebook Lite. AppleInsider reports: Meta Ireland was found guilty of infringing four parts of GDPR, including how it "failed to notify the DPC of a personal data breach concerning storage of user passwords in plain text." Meta Ireland did report the failure, but only some months after it was discovered. "It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data," said Graham Doyle, Deputy Commissioner at the DPC, in a statement about the fine. "It must be borne in mind, that the passwords the subject of consideration in this case, are particularly sensitive, as they would enable access to users' social media accounts."

Other than the fine and an official reprimand, the full extent of the DPC's ruling is yet to be released publicly. The details published so far do not reveal whether the passwords included any of US users as well as ones in Ireland or across the rest of the European Union. It's most likely that the issue concerns only non-US users, however. That's because in 2019, Facebook told CNN that the majority of the plain text passwords were for a service called Facebook Lite, which it described as being a cut-down service for areas of the world with slower connectivity.

Meta Platforms' claims that Facebook doesn't polarize Americans came under new doubt as the journal Science raised questions about a prominent research paper the tech giant has cited to support its position. WSJ: In an editorial Thursday, Science said that Meta's emergency efforts to calm its platforms in the wake of the 2020 election may have swayed the conclusions of the paper, which the journal published in July 2023. The editorial, titled "Context matters in social media," was prompted by a letter that Science also published presenting new criticism of the paper. Because the study of Facebook's algorithms relied on data provided by Meta when it was undertaking extraordinary efforts to restrain incendiary political content, the letter's authors argue that the paper may have overstated the case that social media algorithms didn't contribute to political polarization.

Such criticisms of peer-reviewed research often appear below papers in academic journals, but Science's editors felt their editorial was needed to more prominently caveat this original paper's conclusions, said Holden Thorp, Science's editor in chief. "It was incumbent on us to come up with a way somehow that people who would come to the paper would know of these concerns,â Thorp said in an interview. While no correction was warranted, he said, "There's an election coming up, and we care about people citing this paper." Meta said it had been transparent with researchers about its actions during the time of the study, and the company and its research partners say it had no control over the Science paper's conclusions. Meta called debates of the sort aired on Thursday as part of the research process.

"The Federal Trade Commission is cracking down on 'automation' companies that launch and manage online businesses on behalf of customers in exchange for an upfront investment," reports CNBC's Annie Palmer. "The latest case targets Ascend Ecom, which ran an e-commerce money-making scheme, primarily on Amazon." The FTC accuses the e-commerce company of defrauding consumers of at least $25 million through false claims, deceptive marketing practices, and attempts to suppress negative reviews. From the report: Jamaal Sanford received a disturbing email in May of last year. The message, whose sender claimed to be part of a "Russian shadow team," contained Sanford's home address, social security number and his daughter's college. It came with a very specific threat. The sender said Sanford, who lives in Springfield, Missouri, would only only be safe if he removed a negative online review. "Do not play tough guy," the email said. "You have nothing to gain by keeping the reviews and EVERYTHING to lose by not cooperating."

Months earlier, Sanford had left a scathing review for an e-commerce "automation" company called Ascend Ecom on the rating site Trustpilot. Ascend's purported business was the launching and managing of Amazon storefronts on behalf of clients, who would pay money for the service and the promise of earning thousands of dollars in "passive income." Sanford had invested $35,000 in such a scheme. He never recouped the money and is now in debt, according to a Federal Trade Commission lawsuit unsealed on Friday. His experience is a key piece of the FTC's suit, which accuses Ascend of breaking federal laws by making false claims related to earnings and business performance, and threatening or penalizing customers for posting honest reviews, among other violations. The FTC is seeking monetary relief for Ascend customers and to prevent Ascend from doing business permanently.

An anonymous reader quotes a report from 404 Media: After a horseback riding accident left him paralyzed from the waist down in 2009, former jockey Michael Straight learned to walk again with the help of a $100,000 ReWalk Personal exoskeleton. Earlier this month, that exoskeleton broke because of a malfunctioning piece of wiring in an accompanying watch that makes the exoskeleton work. The manufacturer refused to fix it, saying the machine was now too old to be serviced, and Straight once again couldn't walk anymore. "After 371,091 steps my exoskeleton is being retired after 10 years of unbelievable physical therapy," Straight posted on Facebook on September 16. "The reasons [sic] why it has stopped is a pathetic excuse for a bad company to try and make more money. The reason it stopped is because of a battery in the watch I wear to operate the machine. I called thinking it was no big deal, yet I was told they stopped working on any machine that was 5 years or older. I find it very hard to believe after paying nearly $100,000 for the machine and training that a $20 battery for the watch is the reason I can't walk anymore?"

Straight's experience is a nightmare scenario that highlights what happens when companies decide to stop supporting their products and do not actively support independent repair. It's also what happens without the protection of right to repair legislation that requires manufacturers to make repair parts, guides, and tools available to the general public. Specifically, a connection wire became desoldered from the battery in a watch that connects to the exoskeleton: "It's not the actual battery, but it's the little green connection piece we need to be the right fit and that's been our problem," Straight posted on Facebook. Straight's personal exoskeleton was broken for two months, he said in a video on Facebook. He was eventually able to get the device fixed after attention from an article in the Paulick Report, a website about the horse industry, and a spot on local TV. "It took me two months, and I got no results," he said in the video. With social media and news attention, "it only took you all four days, and look at the results," he said earlier this week while standing in the exoskeleton. "This is the dystopian nightmare that we've kind of entered in, where the manufacturer perspective on products is that their responsibility completely ends when it hands it over to a customer. That's not good enough for a device like this, but it's also the same thing we see up and down with every single product," Nathan Proctor, head of citizen rights group US PIRG's right to repair project told 404 Media. "People need to be able to fix things, there needs to be a plan in place. A $100,000 product you can only use as long as the battery lasts, that's enraging. We should not have to tolerate a society where this happens."

"We have all this technology we release into the wild and it changes people's lives, but there's no long-term thinking. Manufacturers currently have no legal obligation to support the equipment indefinitely and there's no requirements that they publish sufficient documentation to allow others to do it," Proctor said. "We need to set minimum standards for documentation so that, even if a company goes bankrupt or falls off the face of the earth, a technician with sufficient knowledge can fix it."

Evan Prodromou, co-author of the ActivityPub protocol, has launched The Social Web Foundation to address the challenges of the ActivityPub ecosystem and foster the growth of the Fediverse. The foundation aims to support developers, organizations, and governments through advocacy, educational materials, and infrastructure, while maintaining a decentralized approach to improving the social web. We Distribute reports: "I wish I would've started it five years ago," Evan explains in a call, "We're seeing growth of ActivityPub in the commercial sector, we want to help guide that work, especially for devs that don't know how to engage with the Fediverse, or the work that happens in private spaces. As we're seeing a lot of growth, it's important to help push that growth forward, we're really filling in the crack no other organization is doing." The foundation launches with a dedicated team of three: Evan Prodromou is the Research Director, Mallory Knodel serves as the Executive Director, and Tom Coates acts as Product Director. The trio brings a wealth of knowledge regarding protocol development, open source development, technology policy, and product development for the Web.

In terms of fulfilling its goals, the organization has a few specific areas of focus: People, Policy, Protocol, and Plumbing. The SWF has deemed these areas as critical to their mission statement, and will start with these core focuses. [...] At launch, The Social Web Foundation has announced 12 partner organizations, who serve as a pool of knowledge, resources, and stakeholders. The majority of these entities are either building for the Fediverse directly, or providing infrastructure and services indirectly. Aside from Meta being an early supporter, one surprise is the inclusion of The Ford Foundation, a social justice organization dedicated to supporting next-generation solutions for the social good. At time of launch, the SWF will have access to more than 20 dedicated advisors, who will guide the organization on current problem areas their own efforts are facing, and provide insights on how to move forward and make progress. "The Fediverse is too big and too diverse for anyone to claim to speak for the Fediverse. That's not what we want to do or who we want to be," Evan says, "We may do things that people on the network disagree with, like encouraging media organizations to join the network, but what we want to do is help the mission of growing and improving the Fediverse over time."

OpenAI is rolling out its advanced voice interface for ChatGPT to all Plus and Team subscribers in the U.S., the company said Tuesday. The feature, unveiled four months ago, lets users speak to the AI chatbot instead of typing. Five new voices join the lineup, expanding user options. OpenAI claims improved accent recognition and smoother conversations since initial testing. VentureBeat adds: OpenAI's foray into adding voices into ChatGPT has been controversial at the onset. In its May event announcing GPT-4o and the voice mode, people noticed similarities of one of the voices, Sky, to that of the actress Scarlett Johanssen. It didn't help that OpenAI CEO Sam Altman posted the word "her" on social media, a reference to the movie where Johansson voiced an AI assistant. The controversy sparked concerns around AI developers mimicking voices of well-known individuals.

An anonymous reader shares a report: The Pacific country of Kiribati might be surrounded by water, but on land its population is running dry. The ocean around them is steadily encroaching, contaminating underground wells and leeching salt into the soil. "Our waters have been infected," climate activist and law student Christine Tekanene says. "Those who are affected, they now can't survive with the water that changed after sea level rise." The freshwater crisis is just one of the many threats driven by rising seas in Kiribati. Its people live on a series of atolls, peaking barely a couple of metres above a sprawling tract of the Pacific Ocean. As global temperatures rise and ice sheets melt, Kiribati -- and other low-lying nations like it -- are experiencing extreme and regular flooding, frequent coastal erosion and persistent food and water insecurity.

This week the United Nations general assembly will hold a high-level meeting to address the existential threats posed by sea level rise as the issue climbs the international agenda; last year the UN security council debated it for the first time. Wednesday's meeting aims to build political consensus on action to address the widespread social, economic and legal consequences of rising seas. Samoa's UN representative, Fatumanava Dr Pa'olelei Luteru, says the upcoming UN meeting is long overdue and "extremely important" for island nations. "Economically, militarily, we're not powerful," says Luteru, who also serves as the current chair of the Alliance of Small Island States (AOSIS). "At least within the context of the UN and the multilateral system we have the possibility and the opportunity to engage and achieve some of the things that are a priority for us."

Speaking of California, its governor Gavin Newsom has signed into law a a bill that requires schools to limit or ban the use of smartphones, amid a growing consensus that excess usage can increase the risk of mental illness and impair learning. From a report: Thirteen other states this year have banned or restricted cellphones in school or recommended local educators do so, after Florida led the way by banning phones in class in 2023, according to Education Week. California, with nearly 5.9 million public school students, has followed the lead of its own Los Angeles County, whose school board banned smartphones for its 429,000 students in June.

That same month U.S. Surgeon General Vivek Murthy called for a warning label on social media platforms, akin to those on cigarette packages, likening the problem to a mental health emergency. Murthy cited a study in the medical journal JAMA showing adolescents who spend more than three hours a day on social media may be at heightened risk of mental illness, while referring to a Gallup poll showing the average teen spends 4.8 hours per day on social media. California's bill, which passed 76-0 in the state assembly and 38-1 in the senate, requires school boards or other governing bodies to develop a policy to limit or prohibit student use of smartphones on campus by July 1, 2026, and update the policy every five years.

The government of Bhutan is currently holding over $828 million in bitcoin, according to onchain data by Arkham Intelligence. From a report: "Unlike most governments, Bhutan's BTC does not come from law enforcement asset seizures, but from bitcoin mining operations, which have ramped up dramatically since early 2023," the crypto intelligence firm explained. Crypto intelligence firm Arkham highlighted the Kingdom of Bhutan's bitcoin holdings on social media platform X last week. Bhutan is a small, landlocked kingdom located in the eastern Himalayas, bordered by China to the north and India to the south. The country currently has a population of less than 800,000 people. We learned last year that Bhutan had been secretly mining bitcoin using its abundant hydroelectric resources since around 2019. The operation, which began when bitcoin was priced at approximately $5,000, aims to harness the country's vast renewable energy reserves to power mining rigs.

Hydroelectricity already accounts for 30% of Bhutan's GDP and powers nearly all of its 800,000 residents. The government claimed last year that mining profits are used to subsidize power and hardware costs. This revelation makes Bhutan one of the few countries globally to run a state-owned bitcoin mine, alongside El Salvador.

At over $800 million in Bitcoin holdings, the reserve accounts for nearly a third of Bhutan's 2022-calculated GDP.

In the antitrust trial alleging Google had an ad-selling monopoly, "government lawyers have said some of their strongest evidence is in Google's own internal communications," reports the Wall Street Journal: [In 2010] a new crop of ad-tech companies were threatening Google's bottom line. "One way to make sure we don't get further behind in the market is picking up the one with the most traction and parking it somewhere..." [wrote YouTube Chief Executive Neal Mohan, who previously ran Google's display-ads business]. Google ended up buying one such company, AdMeld, for $400 million in 2011. Google shut down AdMeld two years later, after incorporating some of the startup's technology into its ad exchange, known commonly as AdX.

The Justice Department argued that AdMeld was part of a larger trend: Google acquiring nascent rivals to corner the market and then locking customers into using its products by conditioning access to one software tool on them paying for another... In a 2016 email introduced by the government, Google executive Jonathan Bellack asked colleagues: "Is there a deeper issue with us owning the platform, the exchange, and a huge network? The analogy would be if Goldman or Citibank owned the NYSE [New York Stock Exchange]...." The Justice Department also cited a 2018 email from another then-executive, Chris LaSala, who raised concerns internally over the 20% cut that Google takes from many of its AdX customers, saying Google was extracting "irrationally high rent" from users. "I don't think there is 20% of value in comparing two bids," wrote LaSala. "AdX is not providing additional liquidity to the market. It is simply running the auction."

Another former Google executive, Eisar Lipkovitz, testified that Google's omnipresence in ad-tech gives rise to conflicts of interest. Lipkovitz was rebuffed when he tried to get Google to lower the cut it took from AdX, he testified in a prerecorded deposition. The Justice Department finished presenting its case on Friday. Other witnesses included Google customers. One was Stephanie Layser, a former News Corp executive, who said she felt she had no choice but to use Google technology because the search giant has such market power that switching to another ad server would have meant losing out on millions in advertising revenue.
Google's lawyer countered that "There will be no witness in this case who can say with clarity where this industry is going in the next five years."

Or, as the Wall Street Journal puts it, "It makes no sense to focus on display ads, Google argues, when the industry is shifting to apps, social media and streaming services. Far from monopolizing the space, Google is actually losing ground, Google lawyer Karen Dunn said in her opening trial statement..."

X's struggles in Brazil got this update from the Guardian Wednesday: In a statement tweeted from X's global government affairs account, the company said the restoration of service was an "inadvertent and temporary" side-effect of switching network providers.
But Friday "After defying court orders in Brazil for three weeks, Mr. Musk's social network, X, has capitulated," writes the New York Times. "In a court filing on Friday night, the company's lawyers said that X had complied with orders from Brazil's Supreme Court in the hopes that the court would lift a block on its site."

"The company's lawyers said X had complied with the court's orders — blocking designated accounts, paying fines, and naming a new formal representative in the country," writes TechCrunch (citing reporting by the New York Times): In a filing of its own, the Supreme Court reportedly responded by telling X it had not provided the proper paperwork and giving it five days to do so....

X came back online in Brazil earlier this week, although Cloudflare CEO Matthew Prince told TechCrunch that the timing of the company's recent switch to Cloudflare infrastructure is just a "coincidence." During the ban, Brazilian users sought out social media alternatives, leading to dramatic growth at Bluesky and Tumblr.
The New York Times believes "The moment showed how, in the yearslong power struggle between tech giants and nation-states, governments have been able to keep the upper hand."

Although I'm curious about that missing paperwork...

Meta (the parent company of Facebook, Instagram, and Threads) announced Monday that Russian state media outlets like RT are now "banned from our apps globally for foreign interference activity," reports CNN.

CNN adds that Meta is alleging that the "Kremlin-controlled networks" have "engaged in deceptive influence operations and attempted to evade detection... Prior to Monday's ban, RT had 7.2 million followers on Facebook and 1 million followers on Instagram." The move comes days after the US Justice Department announced charges against two RT employees for funneling nearly $10 million into a US company, identified by CNN as Tenet Media, to create and amplify content that aligned with Russian interests. The covert influence campaign was aimed at the American public ahead of the 2024 US presidential election, US officials said.
Last week the U.S. State department "revealed declassified U.S. intelligence findings that suggest RT is fully integrated into Russia's intelligence operations around the world," CNN reported earlier" In addition to its covert influence operations, the leaders of RT also administered an online crowdfunding effort to supply military equipment to Russian soldiers in Ukraine, Blinken alleged. The crowdfunding effort supplied "sniper rifles, suppressors, body armor, night vision equipment, drones, radio equipment, personal weapon sights, diesel generators" to Russian soldiers fighting in Ukraine, according to Blinken.

The goal of the U.S. announcement — and private discussions with allied diplomats — is to make sure that countries know that RT and Russian intelligence agencies are working together to sow division and harm democratic processes, while simultaneously making it much more difficult for RT to operate globally, a senior administration official said...

Asked for comment by CNN, RT responded with a mocking email that read in part: "We've been broadcasting straight out of the KGB headquarters all this time."
More from Reuters: U.S. Secretary of State Antony Blinken said on Friday that countries should treat RT's activities as they do covert intelligence operations... In briefing materials shared with Reuters, Meta said it had seen Russian state-controlled media try to evade detection in their online activities in the past and expected them to continue trying to engage in deceptive practices going forward.
A YouTube spokesperson told Reuters they've also terminated over 230 channels affiliated with Kremlin-controlled outlets — channels which were previously only blocked from viewers.

YouTube "began blocking Russian state-sponsored news channels globally in 2022," reports NBC News, "including those tied to RT and Sputnik. Over the years, according to YouTube, the platform has blocked thousands of channels and millions of videos." James Rubin, coordinator for the State Department's Global Engagement Center, said RT is "where propaganda, disinformation and lies are spread to millions, if not billions, of people around the world."

Ukraine has banned use of Telegram on official devices used by state officials, military personnel and critical workers because it believes its enemy Russia can spy on both messages and users, a top security body said on Friday. Reuters: The National Security and Defence Council announced the restrictions after Kyrylo Budanov, head of Ukraine's GUR military intelligence agency, presented the Council with evidence of Russian special services' ability to snoop on the platform, it said in a statement. But Andriy Kovalenko, head of the security council's centre on countering disinformation, posted on Telegram that the restrictions apply only to official devices, not personal phones.

Telegram is heavily used in both Ukraine and Russia and has become a critical source of information since the Russian invasion of Ukraine in February 2022. But Ukrainian security officials had repeatedly voiced concerns about its use during the war. Based in Dubai, Telegram was founded by Russian-born Pavel Durov, who left Russia in 2014 after refusing to comply with demands to shut down opposition communities on his social media platform VKontakte, which he has sold.