How can users protect themselves from phishing attacks on Signal?

Avoid clicking suspicious links, never enter personal data on untrusted sites, enable two-factor authentication, and keep the app updated. Always verify the source of messages requesting sensitive information.

Who is behind the attacks on Signal users?

According to the FBI and CISA, the campaign is attributed to hackers linked to Russian intelligence agencies, aiming to access confidential communications for espionage or data leaks.

← All news

Security

Russian Hackers Target Signal Users via Backup Recovery Keys

June 28, 2026

Photo: BleepingComputer

Quick answer

Russian hackers linked to intelligence agencies are using phishing to steal Signal backup recovery keys, enabling access to users' message histories.

The Federal Bureau of Investigation (FBI) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint warning about a new wave of phishing attacks targeting Signal messenger users. The attackers, allegedly linked to Russian intelligence, have shifted tactics to steal backup recovery keys.

These keys allow users to restore access to their message history when reinstalling the app or switching devices. If successful, hackers can view all of a victim’s conversations, including previously deleted messages. Experts note that the campaign has become more targeted, employing social engineering techniques to deceive users.

U.S. authorities advise Signal users to exercise caution when receiving messages requesting sensitive information. Users should verify sender authenticity and avoid clicking suspicious links. Enabling multi-factor authentication and keeping the app updated are also strongly recommended.

Cybersecurity experts emphasize that such attacks may be part of a broader intelligence-gathering campaign. Users are encouraged to stay informed about emerging threats and follow basic security practices when using messaging apps.

Common questions

What are Signal backup recovery keys and why are they important?: Signal backup recovery keys are used to restore access to message history when reinstalling the app or switching devices. Without them, users lose access to past conversations.
How can users protect themselves from phishing attacks on Signal?: Avoid clicking suspicious links, never enter personal data on untrusted sites, enable two-factor authentication, and keep the app updated. Always verify the source of messages requesting sensitive information.
Who is behind the attacks on Signal users?: According to the FBI and CISA, the campaign is attributed to hackers linked to Russian intelligence agencies, aiming to access confidential communications for espionage or data leaks.

Dzen feed: /feed/dzen.xml · RSS: /feed.xml