The FBI and CISA warn that Russian intelligence-linked operators have shifted their Signal phishing campaign to trick victims into revealing their Signal Backup Recovery Key, enabling access to backup message history and potential account takeover. The updated advisory identifies UNC5792 and UNC4221, highlights high-value targets including U.S. and international officials, and recommends generating a new recovery key immediately if exposed. #UNC5792 #UNC4221 #Signal #CISA #FBI #RewardsforJustice
Keypoints
- FBI and CISA updated their warning about phishing against Signal accounts.
- Attackers now trick victims into sharing their Signal Backup Recovery Key.
- UNC5792 and UNC4221 are tied to the Russian intelligence-linked campaign.
- The campaign targets officials, military personnel, journalists, and Ukraine-related figures.
- Users should never share recovery keys and should remove unknown linked devices.
Read More: https://thehackernews.com/2026/06/fbi-warns-russian-intelligence-hackers.html