German government warns of phishing attacks targeting lawmakers via Signal
German security services have warned of phishing attacks targeting lawmakers via the Signal messaging app, believed to be linked to Russian state-controlled cyber actors.
At least 300 political accounts were reportedly compromised, indicating a significant breach that poses risks to numerous high-profile figures and government integrity.
“The federal government is assuming that the phishing campaign targeting the Signal messaging service was presumably run from Russia,” stated a government source to AFP.
Key developments
German and foreign security services have warned of phishing attacks targeting lawmakers and senior officials via the Signal messaging app, linked to a “state-controlled cyber actor,” believed to be Russia.
Reports suggest that at least 300 accounts belonging to political figures were compromised, with the attackers impersonating Signal support to prompt users for sensitive information.
The Bundestag is discussing measures to address these incidents, with a proposal to potentially restrict the desktop version of Signal on official computers under consideration.
Germany suspects Russia of Signal phishing attacks targeting politicians
German and foreign security services have reissued a warning for phishing attacks targeting lawmakers and senior government officials via the Signal messaging application, in what is believed to be the work of a “state-controlled cyber actor”.
The German government believes Russia is behind the phishing attacks.
“The federal government is assuming that the phishing campaign targeting the Signal messaging service was presumably run from Russia,” a government source told press agency AFP.
Victims are reportedly sent messages from Signal support, which asks them to enter a PIN, open a link or scan a QR code. If the scam is successful, the hackers can gain access to messages, chat groups and photos and files shared by the user.
The attackers can also impersonate the person whose account has been compromised.
While the government has not elaborated on how many lawmakers were affected by the phishing campaign, local media estimate at least 300 accounts belonging to political figures were compromised.
Many users had made the move from WhatsApp to Signal following privacy concerns after WhatsApp said it would share metadata with parent company Meta, which owns Facebook and Instagram.
“The number of unreported cases will continue to rise in the coming days,” Konstantin von Notz, an MP who is deputy chief of the intelligence oversight committee told AFP.
“At present, no one can say with any certainty whether the integrity of MPs’ communications is still guaranteed,” he added.
In addition to high-profile politicians, civil servants, diplomats, military personnel and journalists were also targeted.
The Bundestag is now debating how to deal with the incidents. Vice-President of the German Bundestag Andrea Lindholz (CSU) rejects a ban on using Signal, and said she believes MPs are free to make their own decisions.
However, the question was raised whether the desktop version of the Signal app should be restricted on Bundestag computers.
Germany is Ukraine’s biggest provider of military aid and has frequently been the target of cyberattacks, as well as espionage and sabotage plots since Russia’s full-scale invasion of Ukraine in 2022.
Moscow has repeatedly denied involvement in any such actions.
Additional sources • AFP