Russian intelligence-linked hackers target Signal users, accessing thousands of accounts

Russian intelligence-linked hackers have launched a sophisticated phishing campaign targeting users of the encrypted messaging app Signal.

“The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts”

Bleeping Computer

According to multiple sources, thousands of accounts have been compromised globally through this campaign.

Bleeping Computer

FBI Director Kash Patel confirmed that cyber actors associated with Russian Intelligence Services are systematically targeting individuals.

High-value targets include current and former US government officials, military personnel, political figures, and journalists.

The campaign represents a significant security breach affecting multiple countries worldwide.

Authorities report the attacks use deceptive social engineering tactics rather than technical vulnerabilities in the apps themselves.

The Russian hackers employ sophisticated social engineering techniques to bypass Signal's end-to-end encryption.

They primarily impersonate automated support accounts to trick users into compromising their own security.

Blockonomi

According to cybersecurity sources, attackers send messages masquerading as legitimate app support.

These messages request targets to click links, provide verification codes, or submit account PINs.

The phishing messages are carefully crafted to appear legitimate and urgent.

This creates a chain of trust-based attacks that are difficult for recipients to detect.

Once users perform these actions, hackers achieve 'full account takeover' without breaking encryption.

Once Russian hackers gain access to compromised Signal accounts, they gain comprehensive monitoring capabilities.

“FBI and the United States Cybersecurity and Infrastructure Security Agency (CISA) warned about a global campaign of cyberattacks linked to Russia that targets users of messaging apps”

Corrientes Te Informa

Multiple sources confirm attackers can view private messages and contact lists.

They can send messages as the legitimate user to their contacts.

Hackers conduct further phishing campaigns using the compromised account as a trusted source.

This creates a dangerous situation where victims' communications are silently monitored.

Their social networks are used to target additional victims.

Detection becomes more difficult as the campaign amplifies across multiple countries and organizational boundaries.

The international cybersecurity community has responded with coordinated warnings from multiple countries.

Dutch intelligence agencies were among the first to warn about similar account-hijacking operations.

Devdiscourse

They emphasized attacks rely on tricking users rather than exploiting technical vulnerabilities.

France's Cyber Crisis Coordination Center (C4) published an alert confirming the activity is widespread.

The campaign is ongoing across multiple countries according to international authorities.

Signal itself acknowledged the campaign on March 9.

Signal reassured users that encryption and infrastructure remain robust.

The platform urged vigilance against sophisticated phishing campaigns.

The timing of the Russian hacking campaign coincides with heightened concerns about secure communications.

“Russian-linked hackers phishing Signal users, other apps to hijack accounts, FBI warns U”

KRNV

Signal gained significant attention in US political circles during Trump's second term.

KRNV

Administration officials used the app to discuss potentially classified military operations.

This included air strikes against Yemen's Houthis in group chats accidentally shared with journalists.

This history makes Signal attractive for intelligence operations seeking government communications.

It highlights tension between secure messaging platforms and proper security protocols.

High-level officials handling classified information face particular security challenges.