Summary: Mandiant has raised concerns over multiple Russian hacking groups exploiting Signal Messenger’s “linked devices” feature to intercept communications by tricking users into linking their devices. This method allows attackers to receive real-time copies of messages without breaching encryption. The misuse of this feature poses significant risks to users, especially military personnel, politicians, journalists, and activists.
Affected: Signal Messenger, users of Signal Messenger
Keypoints :
- Russian APT groups exploit Signal’s “linked devices” feature to secretly monitor communications.
- Attackers trick users into scanning malicious QR codes, enabling them to add their own devices as linked endpoints.
- This method of attack is low-visibility, making it difficult for users to detect unauthorized device access.
- Similar tactics are being employed against other messaging apps like WhatsApp and Telegram.
- Mandiant advises users to take precautions, including regular audits of linked devices and maintaining updated messaging applications.