ASA-2019-00154 – Signal Private Messenger: Internationalized domain name (IDN) homograph attacks

Signal Desktop and Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. Homograph attack is a security vulnerability that can deceive users into thinking they are visiting a certain website when in fact they are directed to a different, but homograph, domain name. This type of vulnerability can be used to weaponize social engineering, significantly increasing the chances for a successful attack.