Russian intelligence hackers use social engineering to steal Signal backup keys (opens in new tab)

Russian intelligence services are conducting a sophisticated phishing campaign to steal Signal Backup Recovery Keys from high-value targets. The FBI and CISA report that attackers impersonate official support accounts to trick users into enabling cloud backups and sharing their 30-digit recovery codes. This social engineering tactic bypasses end-to-end encryption by allowing hackers to restore a victim's entire message history onto an attacker-controlled device. <a href="