Author:
Google Hangouts and Microsoft teams getting Suspicious Test Message: News of harassment of internet users is coming to the fore every day. This time the users of Google Hangouts and Microsoft Teams faced this kind of discomfort. Recently, Google Hangouts and Microsoft Team users around the world received a strange message that read 'Test Notification !!!!'.
Apparently, this seems like a simple spam message. Although Sophos Naked Security Agency said it was not a serious or alarming matter. Because it did not ask the user to click on any link or take any action. However, a security researcher known as 'Abbs' thinks that it is possible to damage millions of devices by sending this kind of fake message together.
Abs noticed that some of the mainstream Android applications use Google's Firebase cloud messaging or FCM's notification interface. Such a fake message can be sent by sending a special type of HTTP request to the service interface of that FCM. The whole process is implemented using "topics".
According to reports, 'topic' is a kind of server-side attribute. For example, an application uses a specific 'topic' and sends a notification to each user at the same time. Users do not have to send separate notifications. It is believed that this method has been used to send spam messages to users of Google Hangouts or Microsoft team.
That's the decent thing to do, and it should end there. The company later tweeted that the source of the problem had been isolated.
 |
| Google Hangouts and Microsoft teams getting Suspicious Test Message |
Apparently, this seems like a simple spam message. Although Sophos Naked Security Agency said it was not a serious or alarming matter. Because it did not ask the user to click on any link or take any action. However, a security researcher known as 'Abbs' thinks that it is possible to damage millions of devices by sending this kind of fake message together.
Abs noticed that some of the mainstream Android applications use Google's Firebase cloud messaging or FCM's notification interface. Such a fake message can be sent by sending a special type of HTTP request to the service interface of that FCM. The whole process is implemented using "topics".
According to reports, 'topic' is a kind of server-side attribute. For example, an application uses a specific 'topic' and sends a notification to each user at the same time. Users do not have to send separate notifications. It is believed that this method has been used to send spam messages to users of Google Hangouts or Microsoft team.
That's the decent thing to do, and it should end there. The company later tweeted that the source of the problem had been isolated.
We're investigating an issue where users are receiving Test notifications on their mobile devices. Further updates will be provided under the SI TM221041 in your admin center.
