While many of the attacks observed so far have primarily focused on Ukraine-related targets, the Google researchers expect other threat groups to adopt similar techniques in the future, especially since other secure messaging apps have similar device-linking features. The Signal team added features in the latest releases to help protect against such attacks, so users are advised to update to the latest version as soon as possible.
Attack on Signal employs device linking as a backdoor
Signal is an open-source messaging application that uses end-to-end encryption (E2EE) for text messages as well as voice and video calls. In fact, the Signal developers are viewed as pioneers in the E2EE space, their Signal cryptographic protocol, which has been independently audited by academic researchers, being adopted by other apps over the years including Meta’s WhatsApp, Google Allo (discontinued), Google Messages, and Microsoft’s Skype (in private conversations mode).
The security audits, the code quality, and the open-source nature of both the app and the protocol have earned Signal the trust of many security researchers, journalists, political activists, politicians, military personnel, and of course, criminal groups. This has made the app a target for oppressive governments, law enforcement agencies, commercial surveillance companies, and intelligence agencies.
