New phishing campaign targets Signal users to steal chat backup recovery keys
By
Lorenzo Franceschi-Bicchierai
15h ago· 4 min readenNews
90/100
Golden Brown
Bagelometer↗
A five-star bake. Worth schmearing, sharing, saving.
Score90TypenewsSentimentnegative
Summary
Hackers are targeting Signal users in a new phishing campaign that attempts to steal their chat backups. The attackers pose as Signal's support team, warning victims that their backed-up chats and media are at risk of permanent loss due to a sync issue, and trick them into sharing their recovery key. This key can then be used to access online backups containing past messages. The campaign was highlighted by Washington Post analyst Josh Rogin, who shared a screenshot of the attack.
Key quotes
· 3 pulledOn Wednesday, Washington Post analyst Josh Rogin posted a screenshot of a new kind of attack against Signal users
hackers pretend to be the app's support team and warn the target that their backed-up chats and media are 'at risk of permanent loss due to a sync issue'
the target needs to share the recovery key that is used to access their online backups in the chat with the hackers
A new hacking campaign is trying to trick Signal users to give up their secret recovery key, which can be used to access online backups containing past messages.
