Russia-linked hackers exploit Signal's QR code feature to target users
- Russia-aligned hackers are using social engineering tactics to manipulate Signal app users.
- Fake QR codes are being circulated to link devices under false pretenses.
- Users must exercise heightened caution to protect their accounts against these threats.
In February 2025, it was reported that Russia-aligned hackers are increasingly targeting users of the encrypted messaging app Signal as part of ongoing efforts to circumvent surveillance related to the invasion of Ukraine. These hackers have been using social engineering techniques to manipulate users into linking their Signal accounts across multiple devices via fraudulent QR codes. This behavior is part of a broader trend that shows that as Signal gains popularity for secure communication, it simultaneously becomes a target for various threat actors seeking to undermine its encryption. The QR codes are designed to appear as legitimate group invites or alerts, further complicating users' ability to discern genuine communications from malicious attempts.