top | item 43106300

(no title)

The article says they phish people into linking adversarial devices to their Signal:

> [...] threat actors have resorted to crafting malicious QR codes that, when scanned, will link a victim's account to an actor-controlled Signal instance. If successful, future messages will be delivered synchronously to both the victim and the threat actor in real-time, [...]

discuss

Austiiiiii|1 year ago

There's a new feature to sync old messages that seems like it could potentially make that attack vector ten times worse:

https://www.bleepingcomputer.com/news/security/signal-will-l...

Would a malicious URL be able to activate this feature as part of the request?

inor0gu|1 year ago

Probably not, in any normal case a secondary device shouldn't have that kind of authority to dictate.

It is more concerning if the toggle is on by default and then you carelessly press next (on this or some other kind of phish).