U.S. intelligence agencies have issued a warning about Russian hackers targeting thousands of accounts on popular encrypted messaging apps Signal and WhatsApp. According to a joint statement from the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA), the attackers have breached accounts belonging to U.S. government officials, military personnel, politicians, and journalists.
The hackers use sophisticated phishing techniques, impersonating official support accounts on the messaging platforms to trick users into clicking malicious links or sharing sensitive verification codes and PINs. In one documented example, an account posing as "Signal Support" warns users about suspicious login attempts and instructs them to reply with verification codes.
user vigilance is ultimately the best defence against phishing
Authorities emphasize that the attacks do not involve breaking the apps' encryption but rather rely on social engineering to gain access. Once compromised, hackers can read messages, access contact lists, and spread further attacks to new victims.
The warning follows similar alerts from intelligence agencies in Portugal, the Netherlands, and France, which have reported Kremlin-linked infiltration of government officials' accounts on these platforms. Signal has stated that its infrastructure has not been compromised and reminded users that legitimate support will never initiate contact to ask for verification codes.
FBI and CISA recommend users treat unknown messages with suspicion, block and report them immediately, enable security features on messaging apps, and never share verification codes or PINs with anyone.