New Delhi: The US’s Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have cautioned that Russian Intelligence Services (RIS) and its allies are involved in phishing campaigns that are targeting messaging applications like Signal.
“The FBI has identified cyber actors associated with Russian Intelligence Services targeting users of commercial messaging applications, including Signal,” FBI Director Kash Patel said in a statement posted on X.
“The campaign targets individuals of high intelligence value, including current and former U.S. government officials, military personnel, political figures, and journalists,” Patel added.
Phishing is a form of scam where attackers impersonate trusted entities—banks, colleagues, or brands—via email, text or phone to steal sensitive data like passwords, credit card numbers, or personal information.
While warning end users to take proper precautions, Patel asserted that RIS efforts resulted in unauthorised access to thousands of individual accounts, allowing the actors to view messages and contact lists, send messages to victims, and widen the phishing net.
Earlier this month, the Dutch Intelligence Agency (AIVD) and security services (MIVD) also alleged that Russian State hackers were engaging in a large-scale cyber campaign to gain access to Signal and WhatsApp accounts belonging to dignitaries, military personnel and civil servants.
General Intelligence and Security Service, Ministry of the Interior and Kingdom Relations, the Netherlands, said in a statement, “MIVD and AIVD can confirm that targets and victims of the campaign include Dutch government employees. The Dutch services also believe that other persons of interest to the Russian government, such as journalists, may possibly be targeted by this campaign.”
Also Read: ‘Possibly orchestrated’: Kyiv expresses ‘serious concern’ over terror charges against 6 Ukrainians
The phishing process
According to FBI and CISA, the Russian hackers’ phishing messages masquerade as automated support accounts of the messaging apps. The messages are tailored to deceive users into believing they are genuine. By clicking or providing the verification code, the hackers gain control over sensitive information.
Once access is obtained, hackers can use additional techniques, such as malware, to infect the targeted device.
According to FBI & CISA, phishing is one of the simplest yet effective means of cyber compromise. This process often renders other protective measures, including end-to-end encryption, ineffective.
While advising users, the statement noted, “Users are also reminded to use caution regarding the type of information disseminated and/or discussed on CMAs (commercial messaging apps). While encryption remains effective, phishing allows malicious actors to bypass the encryption entirely by gaining access to user accounts.”
The statement provided guidelines to users in case any suspicious activity is noticed. If the user feels uneasy, they should pause, stop interacting, and never share any sensitive information.
(Edited by Varnika Dhawan)
Also Read: Russia’s eyes for Iran: Moscow intel reportedly helping Tehran pick targets in Iran war