Russian hackers targeting US officials on Signal, says FBI
What's the story
The Federal Bureau of Investigation (FBI) has issued a warning about Russian hackers targeting US officials and other high-profile individuals on the encrypted messaging app, Signal. The cyber actors associated with Russian Intelligence Services have compromised "thousands" of accounts globally. The campaign specifically targets current and former US government officials, military personnel, political figures as well as journalists.
Cyber tactics
Hackers using automated messages to trick users
A public service announcement by the FBI and CISA said that the Russian hackers are using a tactic of sending messages that appear to be from automated support accounts on commercial messaging apps. These messages trick users into taking certain actions, like clicking a link or sharing verification codes or account PINs. If these actions are taken, it could lead to a "full account takeover," the PSA warned.
Account takeover
Similar tactics can be used against other messaging apps
Once the Russian hackers gain access to an account on Signal, they can read messages and contact lists, send messages as the victim, and even conduct phishing attacks from their account. The FBI and CISA's announcement also warned that while these actors specifically target Signal accounts, they can use similar tactics against other commercial messaging apps too.
Prior warnings
NSA had warned about Signal risks
The National Security Agency (NSA) had already warned the Department of War about the risks associated with using Signal, particularly the threat posed by Russian hacking groups that actively target the app. Several top Donald Trump administration officials, including Vice President JD Vance and War Secretary Pete Hegseth, used the app to discuss military strikes against Houthi rebels in Yemen last year.