Given it's usage in the past, Signal and it's developers have definitely been a target before now. Not to mention by law enforcement and forensic companies like Cellebrite, which lead to them hitting back in a rather amusing blog post a while back:

https://signal.org/blog/cellebrite-vulnerabilities/