Russian Hackers Target Signal & WhatsApp Accounts of Officials & Journalists

by Anika Shah - Technology
0 comments

Russian Hackers Target Signal and WhatsApp Accounts in Global Cyber Campaign

Russian state-backed hackers are conducting a widespread cyber campaign to infiltrate Signal and WhatsApp accounts belonging to officials, military personnel, and journalists worldwide, according to intelligence agencies in the Netherlands. The campaign aims to gain access to sensitive information exchanged through these encrypted messaging platforms.

Campaign Tactics and Methods

The hackers are employing several tactics to compromise accounts. A primary method involves posing as Signal support chatbots to trick users into revealing their verification and PIN codes, granting the attackers control of the accounts [Reuters]. They are also exploiting the “linked devices” feature within Signal and WhatsApp, allowing them to remotely access messages and group chats without the user’s knowledge [AIVD].

Targets and Impact

Dutch government employees have been specifically targeted and, in some instances, compromised as part of this operation [DutchNews.nl]. Individuals of interest to Russian authorities, including journalists, are also potential targets. The Dutch intelligence services (AIVD and MIVD) believe the campaign has already resulted in the attackers gaining access to sensitive information [AIVD].

Security Concerns with Encrypted Messaging Apps

While Signal and WhatsApp offer end-to-end encryption, Dutch intelligence officials caution that these apps are not suitable for transmitting classified, confidential, or sensitive government information. Vice Admiral Peter Reesink, Director of the MIVD, emphasized that “chat applications such as Signal and WhatsApp…are not channels for classified, confidential or sensitive information” [AIVD]. Signal is a particular target due to its reputation as a secure communication platform widely used by governments [AIVD].

Identifying Potential Compromises

Authorities advise users to be vigilant for signs of account compromise, such as contacts appearing twice in their contact list or numbers listed as “deleted accounts” [AIVD].

Company Responses

WhatsApp stated that users should never share their six-digit verification code with anyone and that the company is continuously developing measures to protect users from online threats [Reuters]. Signal was not immediately available for comment [Reuters].

Related Posts

Leave a Comment