German security services have issued a renewed warning about phishing attacks targeting lawmakers and senior government officials via the Signal messaging application. The federal government suspects Russia is behind the campaign, identifying it as the work of a "state-controlled cyber actor."
Victims are reportedly tricked into entering PINs, clicking links, or scanning QR codes presented as Signal support messages. Successful attacks grant hackers access to messages, chat groups, photos, and files, allowing them to impersonate compromised users.
While official numbers are undisclosed, local media estimates suggest at least 300 political accounts may have been compromised. The targeted individuals include not only high-profile politicians but also civil servants, diplomats, military personnel, and journalists.
The Bundestag is currently discussing responses, with some advocating for restrictions on Signal's desktop version on parliamentary computers. Germany, a significant provider of military aid to Ukraine, has been a frequent target of cyberattacks and espionage since Russia's 2022 invasion.