A Fake Signal App Was Planted On Google Play By China-Linked Hackers
A fake Signal app was recently planted on Google Play by Chinese linked hackers.
For those who use this communications application, be aware.
"The standard version of Signal allows users to link the mobile app to their desktop or Apple iPad. The malicious Signal Plus Messenger abused that feature by automatically connecting the compromised device to the attacker’s Signal in the background, so all messages were passed onto their account, Stefanko told Forbes. That happens “without the user noticing anything or accepting any notification, it is all done in silence,” he said. According to Stefanko, who published a blog see below and a YouTube video see below on the machinations of the attack, this was the first documented case of spying on a victim’s Signal via secret “autolinking.”"