A new hacking campaign is targeting users of Signal, with attackers impersonating the app's support team to steal chat backups. The campaign was highlighted by Washington Post analyst Josh Rogin, who shared a screenshot of a deceptive message claiming users' backed-up chats were at risk of being permanently lost. Victims are urged to provide their recovery key to avoid losing access to their accounts and stored data.
Many activists, particularly those opposed to the Chinese Communist Party, have reported receiving similar phishing attempts. Mohammed Al-Maskati, director of Access Now’s Digital Security Helpline, noted that two victims shared these messages, which indicates the attack may be broader than just targeting specific groups. The exact effectiveness of the campaign remains uncertain.
Signal's president, Meredith Whittaker, stated that the company is actively working on monitoring and mitigation strategies. Users are reminded that Signal will not initiate contact or request sensitive information such as recovery keys or registration codes, emphasizing the need for vigilance against such scams.