Summary: Russian threat actors are exploiting the Signal messaging app’s “Linked Devices” feature through phishing campaigns to gain unauthorized access to user accounts. They use various tactics, including creating malicious QR codes and altering legitimate group invite pages, to trick victims into linking their accounts to attacker-controlled devices. As these compromises can often go unnoticed, users are advised to adopt security measures to protect themselves.
Affected: Signal messaging app
Keypoints :
- Russian state-aligned groups are using device-linking phishing techniques to compromise Signal accounts.
- Malicious QR codes and fake group invitations are common methods employed by attackers.
- Users are encouraged to update the app and follow security best practices to mitigate risks.