The popular encrypted messaging app Signal denied claims of an alleged zero-day vulnerability in its platform. The company launched an investigation into the claims after they have seen the vague viral reports alleging a zero-day vulnerability.
“PSA: we have seen the vague viral reports alleging a Signal 0-day vulnerability. After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels.” reads the tweet published by the company.
The company also added that it has checked with the U.S. Government to determine if they were aware of a zero-day exploit for their platform.
Rumors circulated over the weekend about a zero-day flaw in the Signal platform that could be exploited to take over the target device. Some researchers reported that the flaw affected the link preview feature of the mobile app and urged users to disable it. Researchers fear that commercial surveillance vendors could be aware of a zero-day vulnerability in the Signal app that allowed their spyware to completely control the target devices.
(SecurityAffairs – hacking, Signal)