Russia-Backed Hackers Target Officials and Journalists via Signal, WhatsApp

Russia-backed hackers have launched a global cyber campaign targeting officials, military personnel, and journalists by compromising their Signal and WhatsApp accounts. Dutch intelligence agencies, including the General Dutch Intelligence Agency (AIVD) and the Dutch Military Intelligence and Security Service (MIVD), revealed that users are tricked into divulging security verification and PIN codes through initiated chats, often impersonating Signal Support. This grants hackers access to personal accounts and sensitive information.

Targets include Dutch government employees and journalists. Despite end-to-end encryption, messaging apps like Signal and WhatsApp are prime targets for malicious actors seeking confidential data. WhatsApp stated users should never share their six-digit codes and is working to enhance protection. The agencies advised against using these apps for classified or sensitive information.

Indicators of compromise include contacts appearing twice or showing as 'deleted account.' Dutch authorities have issued advisories and are assisting colleagues to neutralize the threat.