Summary: Multiple Russia-aligned threat actors are exploiting the Signal messaging app to gain unauthorized access to user accounts through malicious QR codes and phishing tactics. These codes, disguised as legitimate invites or alerts, allow attackers to link their devices to victims’ accounts, enabling real-time eavesdropping on conversations. The ongoing threat to secure messaging applications is highlighted by recent findings from Google and Microsoft regarding similar tactics across various platforms.
Affected: Signal messaging app and its users
Keypoints :
- Threat actors, including UNC5792 and UNC4221, are using malicious QR codes to compromise Signal accounts.
- The QR codes can mimic legitimate group invites or security alerts, linking attacker-controlled devices to victims’ accounts.
- This marks a significant concern for secure messaging applications, with increasing emphasis on close-access operations and phishing strategies.
Source: https://thehackernews.com/2025/02/hackers-exploit-signals-linked-devices.html
Views: 7
简体中文
Nederlands
Français
Bahasa Indonesia
日本語
Português