Russian government hackers targeting Signal and WhatsApp users, Dutch spies warn

Dutch intelligence has warned that Russian government hackers are targeting Signal and WhatsApp users, especially officials and journalists, using phishing techniques. Hackers impersonate support teams, potentially gaining access to personal accounts. Victims may be misled into thinking they’ve lost no data after being locked out. Reports highlight this is consistent with techniques used in the Ukraine conflict.

Key Points

• Dutch intelligence (MIVD, AIVD) reports a global hacking campaign against Signal and WhatsApp users.
• Targeted individuals include government officials, military personnel, and journalists.
• Hackers use social engineering and phishing instead of malware.
• In Signal, they impersonate support to request verification codes and PINs.
• Victims may regain access to chat history but might be unaware of compromised accounts.
• For WhatsApp, hackers exploit the 'Linked devices' feature to read past messages.
• Hackers use malicious QR codes and links to trick users into granting access.

Relevance

• This hacking campaign reflects ongoing cyber activities by Russian state actors, particularly in the context of the Ukraine conflict.
• Phishing and social engineering tactics have been on the rise globally, becoming primary concerns for IT security in 2025.
• Increased focus on privacy and security of messaging applications is aligned with current IT trends emphasizing user awareness and defensive strategies.

The reported hacking campaign underscores the vulnerabilities in widely-used messaging apps and highlights the ongoing threat of state-sponsored cyber activities, particularly amid geopolitical tensions. Users are urged to remain vigilant against these sophisticated phishing tactics.