Russia hacking WhatsApp, Signal accounts of Dutch government officials
What's the story
The Dutch intelligence agencies have warned about a global cyber campaign launched by Russia-backed hackers. The campaign is aimed at breaching the Signal and WhatsApp accounts of government officials, military personnel, and journalists. The General Dutch Intelligence Agency (AIVD) and the Dutch Military Intelligence and Security Service (MIVD) issued a statement today alerting users to this threat.
Tactics
Hackers trick users into giving away security verification
The hackers have been tricking users in chats they start by asking them to give away their security verification and pin codes. This gives the attackers access to personal accounts and group chats. The AIVD and MIVD warned that "the Russian hackers have likely gained access to sensitive information," through this method.
Victims
Cyber campaign has targeted government employees, journalists
The cyber campaign has targeted Dutch government employees and journalists. The AIVD and MIVD noted that chat apps like Signal and WhatsApp are popular among government officials for sharing confidential or classified information. This makes them "the ideal place for malicious actors to try to capture sensitive information," the agencies said in their statement.
Response
WhatsApp warns users against sharing 6-digit codes
In light of the cyber campaign, WhatsApp has warned its users never to share their six-digit code with others. The company also said it is working on ways to protect people from online threats. However, Signal has not yet responded to the warnings.
Strategy
Hackers pretend to be Signal support chatbot
The hackers mostly pretend to be a Signal Support chatbot to trick their targets into giving away their codes. This then lets them take control of the accounts. Another method which is used by these hackers is via the 'linked devices' function within Signal, further complicating the security landscape for users.