{"id":4782,"date":"2026-03-10T12:36:46","date_gmt":"2026-03-10T12:36:46","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2026\/03\/10\/russian-hackers-target-whatsapp-and-signal-accounts-of-global-military-and-government-officials\/"},"modified":"2026-03-10T12:36:46","modified_gmt":"2026-03-10T12:36:46","slug":"russian-hackers-target-whatsapp-and-signal-accounts-of-global-military-and-government-officials","status":"publish","type":"post","link":"https:\/\/ft365.org\/index.php\/2026\/03\/10\/russian-hackers-target-whatsapp-and-signal-accounts-of-global-military-and-government-officials\/","title":{"rendered":"Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials"},"content":{"rendered":"
\n

\"Photo<\/p>\n<\/div>\n

\n

A global campaign by Russian nation state operatives to access targets\u2019 encrypted messaging apps has been uncovered by Dutch intelligence.<\/p>\n

Published on\u00a0March 9, a\u00a0joint missive from the Dutch domestic (AIVD) and military intelligence (MIVD) services warned that some of the country\u2019s government employees had already been victimized in the campaign.<\/p>\n

It claimed that military personnel, civil servants, journalists and \u201cother persons of interest\u201d may also be on the target list.<\/p>\n

The \u201clarge-scale\u201d campaign is focused on hacking individual Signal and WhatsApp accounts. Because these are end-to-end encrypted services, they\u2019re often favored by privacy and security-conscious users.<\/p>\n

\u201cDespite their end-to-end encryption option, messaging apps such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information,\u201d warned MIVD director, vice-admiral Peter Reesink.<\/p>\n

Read more on Russian hacking of messaging services: Lookout Discovers New Spyware Deployed by Russia and China.<\/em><\/p>\n

The attacks take several forms. The most common involves adversaries impersonating a \u2018Signal Support chatbot\u2019 in unsolicited messages.<\/p>\n

According to screenshots posted by Signal, users receive a message from the fake bot claiming suspicious activity on their account and requesting that they enter their SMS verification code or Signal PIN.<\/p>\n

\u201cWe also want to emphasize that Signal Support will *never* initiate contact via in-app messages, SMS, or social media to ask for your verification code or PIN,\u201d Signal clarified in a series of social media posts. \u201cIf anyone asks for any Signal related code, it is a scam. We make this clear when users receive their SMS code during initial signup.\u201d<\/p>\n

Another method used by the Russian threat actors takes advantage of the \u201clinked devices\u201d function within Signal and WhatsApp. These attacks start with persuading the victim to scan a QR code or click on a link.<\/p>\n

Russian hackers were observed using similar techniques to spy on Ukrainian military and government officials\u00a0last year.<\/p>\n

How to Spot a Russian Hacker<\/strong><\/h2>\n

AIVD and MIVD have produced a handy guide to help keep high-value users of the messaging apps safe from such account hijacking attempts.<\/p>\n

They urged Signal users to check if contacts appear twice in their list of group members, which could indicate malicious activity.<\/p>\n

If out-of-band verification proves inconclusive, group admins should be contacted to remove both identical-looking accounts so that the real one can request to rejoin the group, the AIVD\/MIVD said.<\/p>\n

They also warned that nefarious actors may try to change the display name of a compromised account (e.g. to ‘Deleted account’) to remain unnoticed in chat groups. If members receive a notification of this change, it\u2019s likely to be a malicious act, the report claimed.<\/p>\n

Ben Clarke, SOC manager\u00a0at\u00a0CybaVerse, said informal use of platforms like WhatsApp means they\u2019re unlikely to have been audited by corporate IT security teams.<\/p>\n

\u201cThird party consumer-oriented platforms like Signal and WhatsApp are ultimately not developed with state-level usage in mind, and they lack the protocols and stringency that more bespoke systems are designed around,\u201d he continued.<\/p>\n

\u201cAttacking these third-party channels can be especially lucrative for state actors, who are able to dedicate the time and resources into crafting spear phishing campaigns that are tailored and highly relevant to small groups and specific individuals.\u201d<\/p>\n

Image credit:\u00a0miss.cabul \/ Shutterstock.com<\/em><\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

A global campaign by Russian nation state operatives to access targets\u2019 encrypted messaging apps has been uncovered by Dutch intelligence. Published on\u00a0March 9, a\u00a0joint missive from the Dutch domestic (AIVD) and military intelligence (MIVD) services warned that some of the country\u2019s government employees had already been victimized in the campaign. It claimed that military personnel<\/p>\n","protected":false},"author":2,"featured_media":4783,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4782","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"thumbnail":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83-150x150.jpg",150,150,true],"medium":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"medium_large":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"large":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"1536x1536":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"2048x2048":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"morenews-featured":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"morenews-large":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"morenews-medium":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83.jpg",300,300,false],"crawlomatic_preview_image":["https:\/\/ft365.org\/wp-content\/uploads\/2026\/03\/4782-fa3684e9-8480-4929-95eb-02216bfdad83-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"https:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/4782","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=4782"}],"version-history":[{"count":0,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/4782\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/4783"}],"wp:attachment":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=4782"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=4782"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=4782"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}