Russian Hackers Target Dutch WhatsApp & Signal Users

by Daniel Perez - News Editor
0 comments

Russian Hackers Target Signal and WhatsApp Users in Global Cyber Campaign

Russian state-backed hackers are conducting a widespread cyber campaign to gain access to Signal and WhatsApp accounts belonging to government officials, military personnel, journalists, and other individuals of interest, Dutch intelligence agencies have warned. The campaign relies on social engineering tactics rather than technical exploits of the messaging apps themselves.

Details of the Cyber Campaign

The Dutch General Intelligence and Security Service (AIVD) and the Defence Intelligence and Security Service (MIVD) confirmed the ongoing operation, which aims to compromise accounts by tricking users into revealing security verification codes and PINs. The hackers are primarily using phishing and social engineering techniques, according to TechCrunch.

Methods Used by Hackers

  • Signal Support Impersonation: Hackers are posing as Signal support chatbots, contacting users directly with claims of suspicious activity, potential data leaks, or unauthorized access attempts. They then request verification codes and PINs to “resolve” the issue. AIVD reports this is the most frequently observed method.
  • Exploiting Linked Devices: The campaign also leverages the “linked devices” feature in both Signal and WhatsApp. Once an account is compromised, hackers can access incoming messages, including those in group chats. AIVD confirms hackers likely gained access to sensitive information through this method.

Why Signal?

Despite the end-to-end encryption offered by Signal, the Dutch services believe Russia’s focus on the app stems from its reputation for reliability and independence. This makes it a popular choice for secure government communication, but also an attractive target for malicious actors seeking sensitive information. AIVD stated that Signal’s good reputation is a key factor.

What Happens After a Compromise?

Once hackers gain access to an account, they can read messages and potentially access contacts. While users can re-register their phone number and regain access to their chat history, the Dutch services warn that this does not guarantee the account is secure. Hackers may still have access to the account through linked devices or other means. TechCrunch highlights the potential for a false sense of security after re-registration.

Official Statements

“It is not the case that Signal or WhatsApp as a whole have been compromised. Individual user accounts are being targeted,” stated Director-General of the AIVD, Simone Smit, according to Help Net Security. Vice Admiral Peter Reesink, Director of the MIVD, emphasized that chat applications like Signal and WhatsApp are not suitable for classified or sensitive information, despite their encryption.

How to Protect Yourself

  • Be wary of unsolicited messages, even those appearing to be from official support channels.
  • Never share verification codes or PINs with anyone.
  • Monitor group chats for duplicate identities, which could indicate a compromised account.

As of March 9, 2026, Dutch intelligence agencies are continuing to investigate the extent of the cyber campaign and are working to mitigate its impact. Reddit users are also discussing the issue and sharing information.

Related Posts

Leave a Comment