Signal Warns Users of Russia-Backed Hacking Campaign

Signal has issued a warning to users about a Russia-backed hacking campaign targeting high-profile individuals on the messaging platform. According to Dutch intelligence agencies, the campaign involves sophisticated phishing techniques aimed at obtaining account details and verification codes from government officials, military personnel, and journalists.

The General Intelligence and Security Service (AIVD) and Military Intelligence and Security Service (MIVD) of the Netherlands reported that hackers are impersonating support staff to trick users into sharing their Signal PIN codes and SMS verification codes. This allows attackers to gain access to personal accounts and linked devices.

Signal has reiterated that its systems remain secure but is taking reports of such activity 'very seriously.' The company advises users not to share their PIN codes or verification codes with anyone, as these are crucial for securing their accounts. WhatsApp has issued similar warnings, emphasizing the importance of not sharing six-digit verification codes.

Muhammad Yahya Patel, a cybersecurity advisor at security firm Huntress, noted that hackers are increasingly targeting 'human bugs'—exploiting how users interact with apps rather than looking for vulnerabilities in code. Features like QR codes and text verification codes have become primary attack vectors.

Dutch intelligence services believe Russia targeted Signal due to its reputation as a highly secure app, making it popular among officials seeking secure communication channels. However, they caution that even end-to-end encryption cannot protect accounts if compromised through social engineering. MIVD director Peter Reesink advised against using messaging apps like Signal and WhatsApp for classified or sensitive information.