Germany suspects Russia is responsible for a series of phishing attacks targeting Signal accounts belonging to senior politicians, military personnel, and journalists, a German government spokesperson confirmed in April 2026. Federal prosecutors opened a preliminary investigation in mid-February 2026 into the alleged cyberattacks, which include an initial suspicion of espionage.
According to German magazine Der Spiegel, around 300 Signal accounts held by individuals in Germany’s political sphere were compromised. Targets included two government ministers. Victims received messages from a fake Signal security chatbot claiming suspicious activity had been detected on their accounts and urging immediate action. When users followed the instructions — entering a PIN or scanning a QR code — their Signal accounts were linked to an external device controlled by the attackers, giving hackers access to past and ongoing conversations, address books, and other stored data.
Germany’s domestic intelligence service BfV and federal cybersecurity authority BSI had issued a public warning about the phishing campaign in February 2026, describing it as “likely being carried out by a state-controlled cyber actor.” German authorities also personally contacted several politicians to warn them they may have been targeted.
The German government has not yet officially attributed the attacks to Russia, and federal prosecutors declined to name a specific country. The Russian embassy in Berlin did not respond to a request for comment. Moscow has repeatedly denied conducting espionage against other nations.
The suspected campaign is not isolated. In March 2026, Dutch intelligence services warned that Russian state hackers were running a “large-scale global cyber campaign” targeting Signal and WhatsApp accounts of government officials, military personnel, civil servants, and journalists — including Dutch government employees.
The attacks come amid sustained pressure on European governments from cyberattacks linked to Russia by Western officials, following Moscow’s full-scale invasion of Ukraine in February 2022. The scale of the Signal campaign — spanning multiple countries and hundreds of accounts — suggests this could represent a broader, coordinated intelligence-gathering effort targeting European political and military communications.
Source: mint – technology