Dutch intelligence agencies have raised concerns about a sophisticated cyber campaign orchestrated by Russian-backed hackers targeting Signal and WhatsApp accounts used by officials and journalists worldwide. The campaign, as reported by mint – technology, involves phishing techniques where hackers impersonate legitimate entities to deceive users into divulging sensitive information like SMS codes or PINs.
The Ministry of the Interior and Kingdom Relations of the Netherlands highlighted that Dutch government employees and other individuals deemed of interest to the Russian government, including journalists, may be potential targets of this cyber offensive.
The attackers exploit vulnerabilities within Signal and WhatsApp by posing as a genuine Signal support bot to manipulate users into providing verification codes, ultimately granting unauthorized access to the accounts. By coercing victims to input SMS verification codes or Signal PINs, hackers circumvent security measures, enabling complete control over the compromised accounts.
Furthermore, the threat actors employ deceptive tactics involving QR codes and malicious links disguised as group chat invitations to infiltrate users’ accounts surreptitiously. Despite the local chat history storage feature on Signal, victims may mistakenly believe their accounts are secure after re-registering, creating a false sense of safety.
It is crucial for users to remain vigilant against such cyber threats and exercise caution when prompted to disclose sensitive information, especially through unsolicited communications. By staying informed about cybersecurity best practices and scrutinizing unexpected requests for verification codes or personal data, individuals can fortify their defenses against malicious cyber activities.
Source: mint – technology