According to recent alerts from Dutch intelligence agencies, Russian state-sponsored hackers are actively targeting users of Signal and WhatsApp, focusing primarily on government officials, military personnel, and journalists worldwide.
The Netherlands' Defence Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) have unveiled details of a "large-scale global" hacking initiative. These agencies have accused Russian state actors of employing phishing and social engineering tactics to compromise accounts on these popular messaging platforms, rather than utilizing traditional malware.
In their operations against Signal, hackers pose as the app's support team, contacting users with warnings about suspicious activity or potential data breaches. If users fall for these tactics, they are prompted to provide a verification code sent via SMS, which the hackers then use to register a new device and impersonate the target. This process effectively locks the user out of their account, although they can regain access by re-registering their number.
Notably, Signal stores chat histories locally on devices, which means that victims may mistakenly believe nothing has been compromised after regaining access. However, the Dutch intelligence report emphasizes that this assumption could be misleading.
Signal does not offer direct support through the app, and it's crucial to note that adding a new device typically does not grant access to previous messages. As such, users should remain vigilant and skeptical of unsolicited messages.
Additionally, hackers are attempting to deceive users on both applications into scanning malicious QR codes or clicking on harmful links. For instance, a hacker might send a QR code that appears to invite the victim to a chat group, but instead links the hacker's device to the victim's account.
In WhatsApp, the exploitation of the "Linked devices" feature poses further risks. If users are tricked successfully, hackers could gain access to previous messages without the victim realizing it, as they remain logged into their accounts. WhatsApp advises users to never share their six-digit verification codes with anyone.
While Meta, the parent company of WhatsApp, has refrained from commenting on these cyber threats, the Dutch authorities continue to highlight the importance of digital security in an increasingly interconnected world.
As cyber threats evolve, the necessity for robust security measures becomes paramount. This situation underscores the need for users to remain informed and vigilant, as the landscape of digital communication continues to change.
