THE FBI has issued a new alert regarding Russian intelligence operations targeting Signal messaging applications by stealing Backup Recovery Keys. This updated advisory reveals that the focus has shifted from obtaining SMS verification to acquiring these keys, enabling attackers to access users' message histories and gain long-term control over accounts. Phishing messages impersonate Signal support, guiding victims through the process of sharing their Recovery Keys.
Unlike stolen verification codes, Recovery Keys remain effective indefinitely, making these operations particularly damaging. The advisory underscores that despite these vulnerabilities, Signal's encryption remains intact, emphasizing that the primary threat lies in user habits regarding key sharing. Recommendations for Signal users, particularly in sensitive roles, include scrutinizing any in-app messages purporting to be from Signal support and generating new Recovery Keys if compromised.