Shared Security Podcast
Shared Security Podcast
Shared Security Podcast·Jul 13, 2026·15m·Episode #569

Signal Phishing and Russian Intelligence Targeting Messaging Apps

Show notes

Russian intelligence services are targeting Signal, WhatsApp, and Telegram users — not by breaking encryption, but by stealing accounts through phishing, QR code tricks, linked-device abuse, and backup recovery key theft. Tom and Kevin break down the FBI warning, the $10 million Rewards for Justice bounty, and the practical security lesson for anyone relying on encrypted messaging: your app can be secure while your account, endpoint, or recovery path is still the weak link.

They also discuss why QR-code phishing and linked-device abuse can bypass what users expect from encrypted messaging, why endpoint and account recovery hygiene matter as much as encrypted transport, what to do when "support" asks for recovery keys or codes, and Tom's personal career update joining Secure Ideas as Executive Director of Consulting.

Special thanks to Guardsquare for sponsoring this episode! Guardsquare is the leader in mobile application security, with multi-layered protection for your Android and iOS apps. Learn more at Guardsquare.com.

** Links mentioned on the show **

FBI IC3 PSA — Russian Intelligence Services Continue to Target Commercial Messaging Applications https://www.ic3.gov/PSA/2026/PSA260626

The Hacker News — FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys https://thehackernews.com/2026/06/fbi-warns-russian-intelligence-hackers.html

Infosecurity Magazine — FBI Sounds Alarm Over Russian Intelligence Signal Phishing https://www.infosecurity-magazine.com/news/fbi-alarm-russian-intelligence/

Rewards for Justice — UNC5792 https://rewardsforjustice.net/rewards/unc5792/

SecurityWeek — US Offers $10 Million Bounty for Russian State Hackers as Messaging App Attacks Evolve https://www.securityweek.com/us-offers-10-million-bounty-for-russian-state-hackers-as-messaging-app-attacks-evolve/

** Watch this episode on YouTube **

https://youtu.be/fxFfY_e_MOI

** Become a Shared Security Supporter **

Get exclusive access to bonus episodes, listen to new episodes before they are released, receive a monthly shout-out on the show, and get a discount code for 15% off merch at the Shared Security store. Become a supporter today by going to our YouTube channel's membership section: https://www.youtube.com/channel/UCg9CCDIYkDDqwEZ3UYaxjnA/join

** Thank you to our sponsors! **

SLNT

Visit https://slnt.com to check out SLNT's amazing line of Faraday bags and other products built to protect your privacy. As a listener of this podcast you receive 10% off your order at checkout using discount code "sharedsecurity".

** Subscribe and follow the podcast **

Subscribe on YouTube: https://www.youtube.com/c/SharedSecurityPodcast

Follow us on Bluesky: https://bsky.app/profile/sharedsecurity.bsky.social

Follow us on Mastodon: https://infosec.exchange/@sharedsecurity

Join us on Reddit: https://www.reddit.com/r/SharedSecurityShow/

Visit our website: https://sharedsecurity.net

Subscribe on your favorite podcast app: https://sharedsecurity.net/subscribe

Sign-up for our email newsletter to receive updates about the podcast, contest announcements, and special offers from our sponsors: https://shared-security.beehiiv.com/subscribe

Leave us a rating and review: https://ratethispodcast.com/sharedsecurity

Contact us: https://sharedsecurity.net/contact