Google reveals how Russia hacked it in Ukraine.

In February 2025, Google's Threat Intelligence Group (GTI) reported that Russian hackers had compromised Signal accounts in Ukraine using various methods. Russian hackers from the military intelligence service GRU, known as APT44, exploited the app's "linked devices" feature and tricked Ukrainian personnel into scanning malicious QR codes or clicking on links found in group invitations. These actions allowed the hackers to intercept messages in real time.

Despite being considered highly secure, Signal has not been authorized by the US government for use in national security or intelligence matters. However, weeks after Google's report, top US officials, including Vice President J.D. Vance, Secretary of State Marco Rubio, Defense Secretary Pete Hegseth, and National Security Advisor Mike Waltz, used Signal to discuss operational plans to attack the Houthis in Yemen.

In one of the worst security breaches in years, Waltz added The Atlantic's editor-in-chief, Jeffrey Goldberg, to the Signal group where officials discussed the operation. Hegseth also shared full operational plans, including detailed information about weapons, targets, and the timing of attacks. This leak could have been damaging if the information fell into the wrong hands.

The Signal app was not hacked, and its end-to-end encryption was not broken. However, the misuse of the app by US officials and the possibility of hackers manipulating users into giving access to their accounts make its use highly problematic.

Google's report highlighted that the tactics and methods used to target Signal could extend beyond Ukraine to other regions and actors as well. Other messaging apps such as WhatsApp and Telegram, which have similar functionality, could also become targets of similar lures.

The misuse of Signal by US officials has raised concerns about the security of sensitive communications. Such discussions are typically conducted on secure in-house devices and networks authorized by the US federal government. Attendees are typically required to keep their phones outside the room during such meetings. Signal's use violates these security protocols.

Adding a journalist to a Signal group chat, even inadvertently, could result in prosecution under the Espionage Act if the information is leaked. Even if Goldberg did not make the operational plan public, someone aligned with an adversary could have done so, potentially hindering the operation or risking the exposure of spies or intelligence sources.

Google's findings underscore the importance of secure communication channels in military and intelligence operations. While Signal is considered a benchmark for secure, end-to-end encrypted messaging, its security could be compromised if users are manipulated into giving up access to their accounts.

The president of the Signal app, Meredith Whittaker, defended the security of the app, emphasizing its open-source nature and privacy-preserving technology. However, the potential for US officials to misuse Signal, and for users to be manipulated into giving access to their accounts, highlights the need to exercise caution and follow established security protocols.