State-Sponsored Phishing Campaign Targets Signal Users

State-Sponsored Phishing Campaign Targets Signal Users

First seen 22 Apr 2026, 14:33 UTC www.verfassungsschutz.dewww.bsi.bund.de 71% similarity 80.0

Article Content

Browse articles
ThreatCluster

On April 22, 2026, the BSI and BfV reported an active phishing campaign targeting high-profile individuals in Germany via the Signal messaging app. The campaign, attributed to a likely state-sponsored actor, focuses on political, military, and diplomatic figures, as well as investigative journalists. Users are advised to take immediate action if they suspect their accounts have been compromised, including changing their PINs and enabling two-factor authentication. The phishing attempts exploit vulnerabilities in messaging services, allowing unauthorized access to private communications and potentially compromising entire chat groups. A joint interactive guide has been published to assist victims in assessing and mitigating risks. The campaign has reportedly gained momentum, indicating an ongoing threat to targeted individuals.

Key Points: • State-sponsored actors are conducting phishing attacks via Signal targeting high-profile individuals. • Immediate actions are recommended for users to secure their accounts against potential compromises. • A joint guide from BSI and BfV provides steps for victims to assess and mitigate risks.

ThreatCluster AI

Timeline

2026-02-06
BSI and BfV issue warning about phishing campaign on Signal.
2026-04-22
Current advisory issued detailing ongoing phishing threats.

Community

Browse all →