TLDR: A new, widespread wave of cyberattacks is actively targeting Signal users, specifically aiming to compromise and steal account backups. Because Signal chats are end-to-end encrypted on device, hackers are shifting focus to where that data might be stored less securely (like cloud backups or via phishing/credential stuffing attacks to gain account access).
I wouldn’t call that “hacking”. That’s like calling someone who walks in after you leave the door unlocked a “lockpicker”.
“Phishing” would be a better word here. Hacking implies a security vulnerability in Signal.
Phishing actually is a core branch of hacking—specifically under Social Engineering. It’s not really like walking through an unlocked door; it’s more like a con artist dressing up as a locksmith and convincing the homeowner to hand over the keys.
Hacking applies to the entire attack surface, which includes the human element, further more there are whole phishing campaigns are heavily automated and often deliver stealer malware, making them a full cyber attack.
This wasn’t a technical compromise of Signal itself, but phishing/social engineering is still a form of hacking.
