Hackers Target Signal Users to Steal Backups in New Attack Wave

Hackers are conducting a coordinated phishing campaign via Signal in-app messages impersonating “Signal Support” to pressure users into copying and pasting their Secure Backups recovery keys into chats; possession of those keys enables attackers to decrypt years of stored messages and media. Reported victims include journalists, dissidents, and activists; Signal reiterates it will never request recovery keys and advises users to block/report such accounts and protect their accounts with PINs, registration lock, and device-change alerts.