Signal confirms hack claims are part of disinformation campaign
Encrypted messaging app Signal has not been hacked, the app maker has confirmed. As signal usage in Eastern Europe increases, rumors had begun to circulate that the encrypted messaging app had been hacked.
But as misinformation about the Russia-Ukraine conflict escalates, Signal says the hack rumors are part of a “coordinated misinformation campaign.”
Signal wrote in a tweet: “We have had an increase in usage in Eastern Europe and rumors are circulating that Signal has been hacked and compromised. This is untrue. The signal is not hacked. We believe these rumors are part of a coordinated misinformation campaign intended to encourage people to use less secure options.”
“We’re seeing these rumors pop up in messages relayed on several different apps,” Signal added. “These rumors are often attributed to official government sources and read ‘attack on the Signal platform.’ This is false and Signal is not under attack.”
Misinformation is a weapon in itself. As Signal says, the goal of the disinformation campaign appears to be to discredit the encrypted messaging app as a safe way to communicate during the Russia-Ukraine conflict.
If people migrated away from secure apps like Signal to, say, Telegram, which is less secure and not encrypted by default, it’s possible communications could be compromised.
In an age where misinformation is rife, it’s important to check everything you read and hear and never share anything you’re not sure is true. “Right now, Signal remains an unbiased platform, and attackers will try anything to try to reduce trust,” said Jake Moore, Global Cyber Security Advisor at ESET.
When communicating highly sensitive information, you should avoid unencrypted apps such as Facebook Messenger, and instead use secure apps such as Signal and WhatsApp.
Some people prefer not to use WhatsApp, because it is owned by Facebook. Although WhatsApp is end-to-end encrypted and secure, for this reason you may want to use Signal instead, or other secure apps like Threema.
Signal security – something to remember
But as a technical YouTuber Naomi Wu points out, while Signal hasn’t been hacked, that doesn’t mean it’s completely infallible. End-to-end encryption protects the information that passes between devices, so no one can read your messages, including Signal. But ill-intentioned nation-state adversaries can still bypass end-to-end encrypted apps if they compromise the device itself. This has happened before, for example with Pegasus spyware.
“While Signal is probably the best app-based option in this situation, it’s important to keep in mind that the Ukrainians are up against a nation-state adversary with a known ability to remotely compromise mobile devices — and no end-to-end encrypted messenger app can defend itself against that threat model, says Wu.
Stay safe by using Signal
But Signal itself hasn’t been hacked and Wu says people should still use the app. If you suspect your device has been compromised, she advises: “Switch to a clean device and SIM card not associated with your name, or consider using false information to test the security of communications.”
Restarting your phone can in some cases temporarily remove spyware access to your device.
In general, to keep your communications secure, always make sure you update your iPhone or Android device to the latest software. That – in addition to using apps like Signal – will help keep your communications safe.