Russian-backed Hackers Target Signal and WhatsApp Accounts of Key Figures

Severity: High (Score: 77.0)

Sources: Devdiscourse

Summary

Russian-backed hackers have launched a global cyber campaign aimed at compromising Signal and WhatsApp accounts of officials, military personnel, and journalists. The Dutch intelligence agencies, AIVD and MIVD, issued warnings about the campaign's potential to breach sensitive information. Attack methods include sophisticated social engineering tactics, such as impersonating a Signal Support chatbot to extract security codes from users. Additionally, the hackers exploit the 'linked devices' feature in Signal, which may alert users to breaches if contacts appear as 'deleted accounts.' The Dutch authorities have released a cyber advisory urging users to avoid using these apps for sensitive communications. The campaign poses a significant risk to personal accounts and secure group chats, potentially exposing sensitive data. As of March 12, 2026, the situation remains critical, with ongoing efforts to enhance security measures. Key Points: • Russian-backed hackers are targeting Signal and WhatsApp accounts of key figures. • Attack methods include social engineering and exploiting Signal's linked devices feature. • Dutch intelligence agencies have issued advisories urging caution with these apps.

Key Entities

• Phishing (attack_type)
• T1566 - Phishing (mitre_attack)
• Signal (company)
• WhatsApp (platform)