Close Menu
Most Read

FBI: Russian Hackers Target Signal Backup Recovery Keys

Staff WriterBy No Comments2 Mins Read1 Views

Essential Insights

  1. Russian threat actors now target Signal accounts by social engineering, convincing users to hand over Backup Recovery Keys, allowing account takeover and message theft.
  2. Attackers impersonate Signal support, instructing targets to enable backups and share their Recovery Key, bypassing encryption but exploiting user trust.
  3. The campaign has expanded from one-time codes to stealing entire account archives, compromising high-value individuals like officials, journalists, and military personnel.

Threat, Techniques, and Targets

The FBI and CISA have issued an update about Russian intelligence hackers targeting Signal accounts. These hackers now trick users into giving their Backup Recovery Keys. Once they get the key, they can access backups and message histories. They can also take over the account. The hackers are linked to Russian intelligence groups, including FSB officers. They target high-value individuals like government officials, military members, politicians, journalists, and Ukrainian officials. The hackers often send messages pretending to be Signal support. They ask users to turn on backup features, open Recovery Keys, and share them. This tactic is specific to Signal and has been active since early 2025. The hackers also used other tricks in the past, like asking for verification codes or sending fake group invite links.

Impact, Security, and Guidance

The main impact is that attackers can access private messages and take control of accounts if users share their Recovery Keys. This can lead to spying or leaks of sensitive information. The security of Signal accounts relies on users being careful about sharing recovery information. Since the hackers use social engineering, users might be tricked into revealing their keys. To stay safe, users should treat any suspicious message from “Signal support” as dangerous. They should never share Recovery Keys, verification codes, or PINs in chats. It is also important to check linked devices and remove any unknown ones. If someone might have shared their Recovery Key, they should generate a new one immediately. For detailed steps and help, users should get guidance from Signal or relevant security authorities.

Discover More Technology Insights

Explore the future of technology with our detailed insights on Artificial Intelligence.

Access comprehensive resources on technology by visiting Wikipedia.

ThreatIntel-V1

Share.
Avatar photo

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Related Posts

Comments are closed.