Signal denies it has been hacked

WhatsApp and Signal app icons
(Image credit: Michele Ursi / Shutterstock)

Mobile messaging app Signal has said it has not been compromised following reports that the service had been hacked.

The encrypted instant messaging app, which has seen a surge in popularity recently due to its offer of a more secure way to stay in contact with friends and family, forecfully declared it had not been affected by any attacks.

"We've had an uptick in usage in Eastern Europe & rumors are circulating that Signal is hacked & compromised," the company tweeted. "This is false. Signal is not hacked. We believe these rumors are part of a coordinated misinformation campaign meant to encourage people to use less secure alternatives."

TechRadar needs you!

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.

>> Click here to start the survey in a new window <<

"Rumors"

"We’re seeing these rumors appear in messages forwarded on several different apps," a separate tweet added. "These rumors are often attributed to official government sources and read “attacks on Signal platform.” This is false and Signal is not under attack."

The declaration comes as the Russian invasion of Ukraine continues, with misinformation and untruths linked to the conflict being shared on social media and online.

Several major cyberattacks are also thought to have taken down Ukrainian and Russian government websites, along with banking and media services on both sides.

Signal has seen user numbers soar in recent months as customers look for a more secure way to message and stay in touch. Signal is available for Windows, macOS, Linux (Debian-based distros), iOS and Android, and offers mobile and desktop versions.

The app says it keeps messages secure using end-to-end encryption using its own Signal Protocol, which means no one other than the sender and the intended recipient is able to see messages. 

Signal also allows users to choose how long messages and conversations are available for, meaning you can create self-destructing messages that are rendered completely inaccessible – by anyone – after a period of your choosing.

The encryption keys are stored on users' phones and computers, never on servers, and to avoid the potential risk (albeit a very small one) of spoofing, you'll be warned if the security key of anyone you are talking with changes.

Via Reuters

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.