Russia-Backed Hackers Breach Signal and WhatsApp Accounts of Officials and Journalists, Netherlands Warns



AMSTERDAM, March 9 – Russian-backed hackers have launched a global cyber campaign targeting Signal and WhatsApp accounts used by government officials, military personnel, and journalists, according to the General Dutch Intelligence Agency (AIVD) and the Dutch Military Intelligence and Security Service (MIVD).

The campaign involves tricking users into sharing security verification codes and PINs, often through chats that impersonate Signal Support chatbots. This allows hackers to gain control over personal accounts and group chats. Another method used is exploiting Signal’s “linked devices” function.

Authorities note that signs of a compromised account include duplicate contacts appearing in a user’s contact list or numbers showing up as “deleted account.” Dutch officials have issued a cyber advisory to government employees and offered guidance to remove the threat.

“The Russian hackers have likely gained access to sensitive information,” the agencies said, warning that targets include Dutch government employees and journalists. Messaging apps, while offering end-to-end encryption, are still vulnerable to social engineering attacks and should not be used to share classified, confidential, or sensitive information, said MIVD director Vice-Admiral Peter Reesink.

WhatsApp reminded users never to share their six-digit verification codes and said it continues to improve safeguards against online threats.

This warning underscores the ongoing risk of state-backed cyber attacks on secure communication channels.