The FBI exploited an iOS notification feature to recover deleted Signal messages. Learn how this vulnerability works and how to protect your privacy.
© A. Krivonosov
The U.S. Federal Bureau of Investigation managed to recover deleted messages from the Signal messenger by exploiting a specific feature of iOS. It turns out that the system stores the content of push notifications in the device's internal memory, allowing access to parts of conversations even after the app is deleted.
This method came to light during an investigation related to an incident at a migrant detention center in Texas. Despite Signal's high level of protection and end-to-end encryption, investigators were able to extract incoming messages because notifications with text were preserved at the operating system level.
Signal's developers aren't directly responsible for this vulnerability, as the issue is tied to iOS architecture. Even if the messenger's settings hide notification text, the system may continue storing fragments of them, creating a potential privacy risk.
Investigators note that access was only possible to incoming messages, while sent data remained unavailable. Still, this case serves as one of the first confirmations that even secure messengers can be vulnerable due to operating system quirks.
Experts emphasize that similar problems could affect other apps, not just Signal. They recommend users limit notification content or disable notifications entirely to reduce the risk of personal information leaks.