alt Hacker News> Do you have reason to think there is not confirmation?
The reason is just that in the article it says:
> threat actors have resorted to crafting malicious QR codes that, when scanned, will link a victim's account to an actor-controlled Signal instance
That phrasing suggests to me that the scanning of the QR code, on its own, performs the linking. That may not be the case, but if so I'd say the wording is misleading or at least imprecise.
In fairness, I think it's misleading to you due to the details you are interested in. They don't say otherwise and they can't lay out every detail that anyone might be interested in; it's not an RFC.