Russian state-associated hacker groups targeted the encrypted messaging service Signal using a sophisticated QR code phishing technique, compromising the privacy of Ukrainian users including military personnel. Exploiting legitimate features, the attackers sent phishing messages that tricked victims into scanning malicious QR codes, which linked their devices to ones controlled by the attackers. This breach allowed eavesdroppers to receive a real-time copy of every message sent or received by the victim. Google's threat intelligence team identified the issue, leading Signal to implement an update enhancing security measures such as additional user confirmation and biometric authentication to thwart this espionage tactic.
Source: https://www.wired.com/story/russia-signal-qr-code-phishing-attack/
"id": "sig000022025",
"linkid": "signal-peak-ventures",
"type": "Cyber Attack",
"date": "2/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"