A devastating new threat has emerged, with Russian intelligence hackers using sophisticated tactics to compromise encrypted messaging service Signal’s backup recovery keys. The warning comes from the FBI, which has issued an alert to its partners and affiliates detailing the highly targeted attacks. If successful, these attacks could potentially allow hackers to access users’ sensitive communications.
The attacks work by exploiting a vulnerability in Signal’s backup recovery mechanism, which is designed to help users regain access to their accounts if they lose their phone or device. However, Russian intelligence hackers have been using artificial intelligence (AI) and machine learning models to discover previously unknown software vulnerabilities. These AI-driven discoveries are then used to create highly targeted exploits, allowing the attackers to gain unauthorized access to Signal’s backup recovery keys.
The victims of these attacks include a number of high-profile targets, including government officials, journalists, and business leaders. The FBI has confirmed that at least 10 individuals have had their encrypted messages accessed by Russian hackers. The full extent of the breach is not yet known, but experts warn that it could be much larger. Signal’s encryption mechanism uses end-to-end encryption to protect users’ communications, making them virtually unbreakable – unless, of course, attackers gain access to the decryption keys.
The FBI warning highlights the growing threat posed by highly targeted attacks using AI-driven vulnerability discovery. Russian intelligence hackers have been quietly honing their skills in this area for some time now, and it appears that they are increasingly focusing on compromising encryption mechanisms as a means of gaining access to sensitive information. This is particularly concerning given the increasingly complex global cybersecurity landscape.
The fact that these attackers were able to discover previously unknown vulnerabilities using AI models underscores the growing importance of integrating such technologies into our own security strategies. It also serves as a stark reminder that no system or mechanism can be considered truly secure without continuous testing and evaluation. As we navigate this rapidly evolving threat landscape, it’s essential for organizations and individuals alike to stay vigilant and adapt their defenses accordingly.
For users, the takeaway is clear: if you rely on encrypted messaging services like Signal, make sure you’re taking steps to protect your backup recovery keys. This includes using strong passwords and enabling two-factor authentication whenever possible. Additionally, be cautious of unsolicited contact from unknown parties claiming to offer assistance with account recovery or other related issues – these may be phishing attempts designed to gain access to your encrypted communications.
Source: The Hacker News — 2026-06-26