
Russian hackers have breached thousands of accounts on widely used messaging apps belonging to US government officials, military personnel, politicians, and journalists, according to US intelligence agencies.

The attackers impersonate official support accounts on popular messaging platforms, luring users to click malicious links or share sensitive information, such as verification codes or PINs.

In a joint statement, the US Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said last week that the scheme is designed to trick a user into clicking on a link or sharing verification codes or PINs.

In one example, an account called “Signal Support” warns a user that a suspicious login attempt has been detected and instructs them to reply with a verification code.

The hackers can then force the victims out of their accounts. They may also impersonate them and send phishing links in messages to their contacts to continue the attacks, the statement said.

The FBI and CISA suggest that users treat unknown messages with suspicion by blocking and reporting them immediately, and that they enable security features on their messaging apps.

Euronews Next contacted the messaging apps Signal and WhatsApp, but did not receive immediate replies.

The warning follows similar alerts earlier this month from agencies in Portugal and the Netherlands, which say the Kremlin infiltrated WhatsApp and Signal accounts of government officials, diplomats and military personnel.

Russia has a keen interest in Signal because of its “good reputation” as a secure and reliable independent communication channel for officials that uses end-to-end encryption, the Dutch General Intelligence and Security Services (MIVD and AIVD) said in a statement earlier this month.

Last week, France’s Cyber Crisis Coordination Center (C4) also issued an alert about the same targets on messaging platforms.

Signal wrote on X earlier this month that its infrastructure had not been compromised in the attacks. It reminded users that app support will “never initiate contact via in-app messages, SMS or social media” to ask for a verification code.

“While we build robust technical safeguards, user vigilance is ultimately the best defence against phishing,” Signal wrote. “Please stay alert, and never share your SMS verification code or Signal PIN with anyone.”
