Russian hackers are breaking into Signal group chats, according to a Pentagon memo obtained by NPR. The memo was sent on March 18—three days after the US bombed Yemen and five days after top Trump officials accidentally included a journalist on a Signal chat group about it.
“A vulnerability has been identified in the Signal messenger application,” the memo says. At issue is Signal’s “linked devices” feature, which allows a user to access their account on multiple devices. Russian hackers are reportedly taking advantage of this to add Signal accounts to their own devices and eavesdrop on what should be encrypted conversations. “This allows the group to view every message sent by the unwitting user in real time,” says the memo.
The Best Amazon Spring Sale Deals You Can Get Now
*Deals are selected by our commerce team
The Pentagon memo provides steps to “safeguard your Signal application,” and reiterates the government’s Signal policy. It permits the use of Signal for discussions about unclassified information but the app is “NOT approved to process or store nonpublic unclassified information,” it says. All uses must “abide by DoD and NSA/CSS policy.”
In February, Google’s Threat Intelligence Group warned about vulnerabilities with Signal, and outlined how a “linked devices” attack works.
“Because linking an additional device typically requires scanning a quick-response (QR) code, threat actors have resorted to crafting malicious QR codes that, when scanned, will link a victim’s account to an actor-controlled Signal instance,” Google says. “If successful, future messages will be delivered synchronously to both the victim and the threat actor in real-time, providing a persistent means to eavesdrop on the victim’s secure conversations without the need for full-device compromise.”
Google expects Signal breaches to “grow in prevalence in the near-term,” related to the war in Ukraine and “regions outside the Ukrainian theater of war.” Other similar apps, such as WhatsApp and Telegram, are also being actively targeted with similar techniques.
In response to the March 18 memo, Signal told NPR it wasn’t “aware of any vulnerabilities or supposed ones that we haven’t addressed publicly.”
Regarding the Signal chat among Trump officials, Secretary of Defense Pete Hegseth insisted that “nobody was texting war plans.”
Recommended by Our Editors
Typically, sensitive conversations take place in a secure room that top-ranking officials have in their offices and homes, called a Sensitive Compartmented Information Facility (SCIF).
In a hearing today on Capitol Hill, CIA Director John Ratcliffe and Director of National Intelligence Tulsi Gabbard, both of whom were on the “war plans” Signal chat, claimed they did not discuss classified information.
Democratic senators pushed them to release the full chat transcript. “If there was no classified material, share it with the committee,” said Senate Intelligence Ranking Member Mark Warner. “You can’t have it both ways. These are important jobs. This is our national security.”
Like What You’re Reading?
This newsletter may contain advertising, deals, or affiliate links.
By clicking the button, you confirm you are 16+ and agree to our
Terms of Use and
Privacy Policy.
You may unsubscribe from the newsletters at any time.
About Emily Forlini
Senior Reporter
