© Unsplash
Signal indicates that it was the victim of a computer attack. By trapping the employees of one of Signal’s partners, a hacker managed to hack into a user’s account. A total of 1,900 accounts were affected by the operation, says the alternative to WhatsApp.
Instant messaging Signal was the victim of a computer hack perpetrated through its partner Twilio. In a blog post published this Monday, August 15, 2022, Signal warns 1,900 users of its application. A malicious actor “could have attempted to re-register your number on another device or learn that your number had been registered on Signal”.
Concretely, the hacker could have used the user’s account on another smartphone. He would then have been able to send or receive messages with the user’s account. Three specific numbers were targeted by the hacker. According to Signal, only one account was hacked during the maneuver.
However, “message history, contact lists, profile information, blocked people and other personal data” were not affected. As Signal reminds us, all this data is stored locally on the user’s smartphone, which reduces the amount of potentially endangered information.
On the same theme: iMessage, WhatsApp, Telegram, Signal… A document reveals the data that the FBI can siphon
How a Hacker Tackled Signal
According to the email, the attack is based on the recent theft of Twilio’s data. Based in the United States, this cloud communication platform provides phone number verification services to Signal and other messaging apps.
A few days ago, Twillio was the target of a massive phishing attack. After trapping several employees, malicious actors accessed the data of 125 customers. The company points to “a sophisticated attack” aimed at obtaining the credentials that allow access to its internal systems.
To deceive Twillio employees, the hackers pretended to be the firm’s IT department. By text message, they tricked employees into believing that “their password had expired, their schedule had changed,” and that they had to log in by clicking on a link. This is where the trap closed. The hackers obtained the credentials entered on the dummy address.
“Our security team revoked access to compromised employee accounts to mitigate the attack,” says Twillio, claiming to have blocked the hackers.
Signal warns the 1900 affected users
Signal is currently notifying the 1,900 affected users by SMS. Encrypted messaging, an alternative from the giant WhatsApp, recommends victims to re-register their account through the Android or iOS application.
“For the 1,900 potentially affected users, we are de-registering Signal on all devices currently in use (or to which an attacker has registered them) and will require them to re-register,” Signal said.
To protect against other possible attacks, Signal advises its users to enable record locking. This option requires the user to provide a PIN code to re-register on another device. The measure thus bars the access of pirates.
Signal