Hackers Attacking Signal Users to Steal Backups in New Wave of Attacks
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
A new wave of phishing attacks is targeting users of Signal, the encrypted messaging app trusted by journalists, activists, and privacy-conscious individuals worldwide. <\/p>\n
Hackers are impersonating Signal\u2019s support team and tricking users into handing over their backup recovery keys, which can unlock entire archives of private chat history. The campaign has raised serious concern among cybersecurity researchers<\/a> and digital rights organizations.<\/p>\n The attack begins with a text message sent directly inside Signal. The message claims to be from \u201cSignal Support\u201d and warns the recipient that their chats and media are \u201cat risk of permanent loss due to a sync issue\u201d. <\/p>\n Victims are then told to share their 64-character recovery key to fix the problem. That key, once handed over, can give attackers full access to years of stored messages, photos, and documents.<\/p>\n TechCrunch\u00a0said in a report<\/a> shared with Cyber Security News (CSN) that the campaign was first publicly flagged after Josh Rogin<\/a>, a Washington Post analyst, posted a screenshot of the fake message on May 27, 2026. <\/p>\n Rogin warned his followers to ignore the message and noted that many anti-CCP activists had already received the same phishing attempt.<\/p>\n