Hackers target Signal users to steal backups in new attack wave
Hackers are abusing Signal’s in‑app messaging to trick users into giving up their backup recovery keys, allowing attackers to unlock years of supposedly private conversations in a new phishing wave.
The campaign uses messages that appear to come from “Signal Support” and warn of imminent data loss. However, they are fraudulent and designed to steal victims’ encrypted chat backups.
Victims receive a direct message from an account named “Signal Support,” marked with a “Name not verified” warning and generic safety tips inside the app.
Read more at GB Hackers