The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have published a joint statement: hackers linked to Russian intelligence services have gained access to thousands of accounts on Signal and other commercial messengers.
The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have published a joint statement: hackers linked to Russian intelligence services have gained access to thousands of accounts on Signal and other commercial messengers.
According to the agencies, the targets of the attacks are current and former US government officials, military personnel, politicians and journalists. At the same time, according to Reuters, the Signal encryption was not broken — the attacks were carried out through social engineering. Hackers posed as security service employees and forced victims to transmit verification codes.
This is a classic scheme that does not require any technical vulnerabilities. The attacker writes to the victim, introduces himself as the Signal security service or another trusted organization, and asks to confirm the account — to send a code from SMS or a QR code to connect an additional device. The victim opens access to his account himself.
That’s why Signal emphasizes that their infrastructure and encryption system are secure. The problem is not the product — the problem is the people.
Earlier this month, Dutch intelligence agencies reported a similar global campaign — the same actors, the same methods, but a broader geography: Signal and WhatsApp, government officials and intelligence targets around the world.
In response to the report from the Netherlands, Signal explained that the attacks were carried out through sophisticated phishing campaigns that tricked users into sharing sensitive information, while stressing that its infrastructure and encryption system remained secure.
Never share your verification codes with anyone, even those who claim to be support. Signal never asks for a verification code in private messages. Enable a registration PIN in Signal settings to prevent your account from being re-registered on another device without your knowledge.
