Close Menu
TechTost
  • AI
  • Apps
  • Crypto
  • Fintech
  • Hardware
  • Media & Entertainment
  • Security
  • Startups
  • Transportation
  • Venture
  • Recommended Essentials
What's Hot

Hacktivists call out Trump by hacking and defacing US military websites

Final extension: Startup Battlefield Australia applications now close on 20 July

Meta just released a new AI generator, Muse Image, and users are already pulling back from using their photos

Facebook X (Twitter) Instagram
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer
Facebook X (Twitter) Instagram
TechTost
Subscribe Now
  • AI

    Meta just released a new AI generator, Muse Image, and users are already pulling back from using their photos

    8 July 2026

    Claude Cowork expands to mobile and web

    7 July 2026

    The ‘first’ ransomware attack run by AI still needed a human

    7 July 2026

    If you use Google, you train its AI. See how you can opt out.

    6 July 2026

    Amazon will stop accepting new customers for Mechanical Turk

    6 July 2026
  • Apps

    Discord admits AI moderation bug unfairly banned users for innocuous images

    8 July 2026

    X adds a video editor to encourage creators to post original content, not stolen reposts

    7 July 2026

    You can now adjust the pace and expressiveness of Siri in the latest iOS 27 beta

    7 July 2026

    Apple is bringing back card payments for Apple Account purchases in India after a four-year hiatus

    6 July 2026

    WhatsApp now allows you to reserve usernames

    5 July 2026
  • Crypto

    Venice AI goes unicorn with $65M Series A as first privacy AI platform takes off

    1 July 2026

    Crypto Exchange OKX wants AI agents to hire and pay each other

    30 June 2026

    Startup Battlefield 200 applications close today

    27 May 2026

    5 days left: Save up to $410 on Disrupt 2026 passes

    25 May 2026

    As crypto cools, a16z crypto raises $2.2 billion in capital

    6 May 2026
  • Fintech

    India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

    28 June 2026

    Early Bird pricing ends tonight for the Founder Summit

    26 June 2026

    4 days left to save up to $190 on Founder Summit 2026

    23 June 2026

    Robinhood’s note on 10% layoffs shows that blaming AI doesn’t cut it

    17 June 2026

    Anthropic’s latest spat with the Trump administration may actually help it, sales figures suggest

    17 June 2026
  • Hardware

    US investors will soon have access to SK Hynix, another memory maker driving the AI ​​boom

    7 July 2026

    Smart glasses maker Even Realities hits $1 billion valuation with $150 million in funding led by Meituan, Tencent

    6 July 2026

    5 office gadgets that can make your work day better

    6 July 2026

    IQM, Europe’s first public quantum company, admits that the future of the technology is uncertain

    3 July 2026

    Thiel Capital’s Jack Selby commits stakes in hot startups like Etched through Arizona connections

    3 July 2026
  • Media & Entertainment

    Netflix is ​​dealing with shorter video content with its new set of publisher deals with Variety and others

    8 July 2026

    Netflix invented binge watching. Now he may be over it.

    7 July 2026

    New Google ad imagines a Declaration of Independence written with the help of artificial intelligence

    4 July 2026

    Cloudflare’s new policy pushes AI companies to pay for publishers’ content

    1 July 2026

    Watch out, Amazon: The Kobo eReader now has a Goodreads rival

    29 June 2026
  • Security

    Hacktivists call out Trump by hacking and defacing US military websites

    8 July 2026

    Canada’s spy agency says it hacked drug traffickers, extremists and a ransomware gang last year

    6 July 2026

    Politician who investigated abuses of wiretapping software on his phone with Pegasus spyware

    3 July 2026

    The US government says it’s been hacked — again

    2 July 2026

    In major privacy victory, Supreme Court rules that geo-trafficking warrants are protected by privacy rights

    29 June 2026
  • Startups

    Final extension: Startup Battlefield Australia applications now close on 20 July

    8 July 2026

    Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

    7 July 2026

    Station F emerges as a launch pad for Europe’s hottest AI startups

    6 July 2026

    Your Brand Deserves Its Own Stage — TechCrunch Disrupt 2026 Side Events

    4 July 2026

    The browser wars aren’t about search anymore — here are the best alternatives to Chrome and Safari

    3 July 2026
  • Transportation

    This startup brings dealers together to bid on your used car

    7 July 2026

    Chevy built an all-American EV truck — why isn’t anyone buying it?

    3 July 2026

    Rivian raises EV sales forecast as second-quarter production ramps up

    3 July 2026

    Lucid Motors CFO steps down as new CEO continues leadership shakeup

    2 July 2026

    Tesla begins testing Cybercab without pedals or steering wheel in Austin

    2 July 2026
  • Venture

    What are bending spoons? The little-known owner of AOL and Vimeo who is now public

    5 July 2026

    After $18B IPO, Bending Spoons Founder Says Success Comes From Minimizing Luck

    2 July 2026

    Bending Spoons defies SaaS slump, up 40% on first day of trading

    2 July 2026

    The DeepMind trio that created a poker AI is now making money for quantitative hedge funds

    1 July 2026

    Patronus AI lands $50 million to create ‘digital worlds’ that stress-test AI agents

    26 June 2026
  • Recommended Essentials
TechTost
You are at:Home»Security»Hackers are trying to steal Signal users’ backups in new wave of phishing attacks
Security

Hackers are trying to steal Signal users’ backups in new wave of phishing attacks

techtost.comBy techtost.com28 May 202604 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Email
Hackers Are Trying To Steal Signal Users' Backups In New
Share
Facebook Twitter LinkedIn Pinterest Email

Hackers are targeting Signal users in an attempt to steal their chat backups as part of a new hacking campaign, according to TechCrunch.

On Wednesday, Washington Post analyst Josh Rogin posted a screenshot of a new kind of attack against Signal users, where hackers pretend to be the app’s support team and warn the target that their backed-up chats and media are “at risk of permanent loss due to a sync issue.” To avoid this, the message said, the target must share the recovery key used to access their online backups in conversation with the hackers.

“This links your existing backup to your account. If you don’t do this, you may lose access to your account and all saved data,” read the message purporting to be from an account called Signal Support.

This is a phishing attempt. If you get this message on Signal, don’t follow the instructions. Many anti-CCP activists have also received this phishing attempt. Attention and awareness. pic.twitter.com/8J1YDcpUAX

— Josh Rogin (@joshrogin) May 27, 2026

Rogin said several anti-China Communist Party activists have received this malicious message.

Mohamed Al-Maskati, director of Access Now’s Digital Security Helpline, which investigates cyberattacks against journalists, dissidents and human rights activists, told TechCrunch that two people shared similar messages with him. Al-Maskati said the two are not Chinese activists. This suggests that the hacking campaign could be more widespread and target other communities, or there could be different groups of hackers using the same strategy.

It is unclear how effective the hacking campaign was. Al-Maskati said that stealing the victim’s recovery keys for chat backups is only one step in the attack, and that the hackers still need to gain access to the victim’s account.

Generally, this type of attack relies on phishing targets, which means tricking them into sharing some important and private information with hackers. In this particular case, hackers pretend to be Signal’s support team to exploit the target’s trust in the app and the organization behind it.

It is important to note that Signal he says “will never reach” users first and he will never ask for your registration code, PIN or recovery key. This means that any chat pretending to be from “Signal Support” is actually from malicious hackers. The organization has publicly warned for exactly this type of attack last month.

Contact us

Do you have more information about these attacks against Signal users? Or other similar attacks? From a non-working device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382 or via Telegram and Keybase @lorenzofb or via email.

While there have been several hacker campaigns impersonating Signal’s support in recent months, this is a new type of attack because it targets specific backups, which may contain a victim’s past chats, photos and documents.

Previous hacking campaigns targeting Signal users have attempted to hack into a victim’s account and then impersonate them, often with the possible goal of stealing the victim’s contacts or starting conversations with other people as if they were the account owner. In these cases, hackers do not have access to previous messages, as the attacks rely on rewriting the victim’s account on a device they control. Because of the way Signal is designed, older messages don’t show up on the new device.

Hackers can take over Signal accounts, for example, by stealing someone’s phone number. However, Signal offers security features that protect against this attack, such as Registration lockwhich prevents attackers from linking a target’s number to a new device unless they steal the target’s PIN.

In this scenario, one way to view older messages would be to access the victim’s online backup, which requires the recovery key.

Last year, Signal released secure backupsa new option that allows users to upload their account contents to Signal’s servers, which are encrypted with a recovery key that the organization says is “never shared with Signal’s servers” and “never leaves” the users’ device. Slogan he says Users should store the recovery key safely in a notebook or password manager.

“Without the unique recovery key, no one (including Signal) can read, decrypt or restore any of the data in your Secure Backup Archive,” Signal said.

This means that only the user can access their file in a scenario where they register their account on a new phone, download the encrypted backup from Signal’s servers, and then decrypt it with the recovery key.

Signal did not respond to a request for comment.

When you purchase through links in our articles, we may earn a small commission. This does not affect our editorial independence.

attacks backups cyber security Exclusive hacker hackers Hacking phishing privacy signal slogan steal surveillance Users wave
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleAt Disrupt 2026: Databricks co-founder on what’s killing AI business deals
Next Article Vertu wants CEOs to run companies from a foldable AI starting at $6,880
bhanuprakash.cg
techtost.com
  • Website

Related Posts

Hacktivists call out Trump by hacking and defacing US military websites

8 July 2026

Meta just released a new AI generator, Muse Image, and users are already pulling back from using their photos

8 July 2026

Discord admits AI moderation bug unfairly banned users for innocuous images

8 July 2026
Add A Comment

Leave A Reply Cancel Reply

Don't Miss

Hacktivists call out Trump by hacking and defacing US military websites

8 July 2026

Final extension: Startup Battlefield Australia applications now close on 20 July

8 July 2026

Meta just released a new AI generator, Muse Image, and users are already pulling back from using their photos

8 July 2026
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Fintech

India’s payments chief believes artificial intelligence will play a big part in the next era of digital payments development

28 June 2026

Early Bird pricing ends tonight for the Founder Summit

26 June 2026

4 days left to save up to $190 on Founder Summit 2026

23 June 2026
Startups

Final extension: Startup Battlefield Australia applications now close on 20 July

Savi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom

Station F emerges as a launch pad for Europe’s hottest AI startups

© 2026 TechTost. All Rights Reserved
  • About Us
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Type above and press Enter to search. Press Esc to cancel.