Tue Apr 01 16:00:00 UTC 2025: **NSA Warns of User Errors Exposing Secure Messaging Apps Like Signal, WhatsApp**
WASHINGTON – The US National Security Agency (NSA) has issued a warning to iPhone and Android users regarding the security of popular messaging apps like Signal, WhatsApp, and Telegram. While the apps themselves offer end-to-end encryption, the NSA emphasizes that user behavior poses a significant vulnerability. A recent incident involving Russian hackers targeting Ukrainian officials via Signal highlighted this risk. The attack exploited user vulnerabilities, not flaws in the app itself.
The NSA’s warning focuses on two key areas: “Linked Devices” and “Group Links.” “Linked Devices” allows users to access their messages across multiple devices; however, unauthorized linking can compromise security. “Group Links,” used to invite members to group chats, can be hijacked, potentially allowing attackers to link their devices and access conversations.
The NSA advises users to regularly check their “Linked Devices” settings in both Signal and WhatsApp, removing any unrecognized devices. For Group Links, users should disable them in Signal or avoid using them for sensitive conversations in WhatsApp, setting the group to allow only admins to add members. The agency also recommends setting strong PINs, enabling screen locks, and avoiding sharing contact or status information broadly.
While end-to-end encryption protects messages during transmission, the NSA stresses that individual devices remain vulnerable to compromise via spyware or user error. The agency’s advice echoes concerns raised by other cybersecurity agencies, who have emphasized the importance of using end-to-end encrypted messaging apps but also highlighted the need for users to practice strong security habits. The recent update allowing iPhone users to set WhatsApp as their default messaging app does not eliminate these user-related risks. The NSA and other experts emphasize the importance of keeping phones updated, avoiding risky apps, and exercising caution with links and attachments.
First Piper 