The Netherlands’ military intelligence service and domestic intelligence agency have issued a new cyber security warning concerning Signal and WhatsApp users. In the joint statement, it was stated that Russian-linked hacker groups carried out a wide-scale cyber attack activity around the world and especially targeted accounts belonging to high-level officials. It is stated that the main purpose of the campaign in question is to provide unauthorized access to accounts on these popular messaging platforms.
According to the information shared by the authorities, attacks affect not only individual users; It also includes government officials, military personnel and employees working in public institutions. For this reason, it is considered that the campaign may have sensitive consequences in terms of both diplomacy and security. In addition, the fact that the attack method is based on a very convincing social engineering technique causes the risk to grow even further.
Russian hackers target users with fake support bots
According to the statement of Dutch authorities, attackers use fake chat bots that pose as official support services of Signal and WhatsApp. Through these bots, messages are sent to the targeted people and the impression of technical support or security verification is created. However, the main purpose of the attack is to capture the PIN codes that ensure user account security.
If victims share these codes, attackers can access the relevant accounts and view incoming messages. In addition, in some cases, it becomes possible to completely take over accounts. Experts emphasize that such attacks can pose serious security risks, especially in messaging applications where sensitive information is shared.
However, it is known that similar cyber attacks have been detected in different countries before. For example, in the USA, in 2024, the Pentagon issued a warning to its personnel to be careful against the use of Signal. At that time, it was reported that groups thought to be linked to Russia were targeting platform users with phishing methods. Despite this, Signal continues to be used by many public officials and journalists due to its strong end-to-end encryption infrastructure.
On the other hand, experts particularly emphasize that the attacks are not directly caused by a vulnerability in the technical infrastructure of the applications. Instead, it is stated that attackers are trying to persuade users to share their security information by manipulating them. This shows that social engineering attacks are becoming increasingly sophisticated.
Cyber security researchers state that users should be careful about accounts that introduce themselves as support team in messaging applications. In addition, it is reminded that sensitive data such as verification codes, PIN information or login links should not be shared with third parties under any circumstances. In addition, it is recommended not to click on unknown links and to verify official support requests only through the application’s own channels.
In order not to miss the technology agenda, 📰 add it to Google News, 💬 join our WhatsApp channel, ▶ subscribe to YouTube, 📷 follow us on Instagram and 𝕏 X.