By Euronews
Published on •Updated
German and foreign security services have reissued a warning for phishing attacks targeting lawmakers and senior government officials via the Signal messaging application, in what is believed to be the work of a “state-controlled cyber actor”.
ADVERTISEMENT
ADVERTISEMENT
The German government believes Russia is behind the phishing attacks.
“The federal government is assuming that the phishing campaign targeting the Signal messaging service was presumably run from Russia,” a government source told press agency AFP.
Victims are reportedly sent messages from Signal support, which asks them to enter a PIN, open a link or scan a QR code. If the scam is successful, the hackers can gain access to messages, chat groups and photos and files shared by the user.
The attackers can also impersonate the person whose account has been compromised.
While the government has not elaborated on how many lawmakers were affected by the phishing campaign, local media estimate at least 300 accounts belonging to political figures were compromised.
Many users had made the move from WhatsApp to Signal following privacy concerns after WhatsApp said it would share metadata with parent company Meta, which owns Facebook and Instagram.
“The number of unreported cases will continue to rise in the coming days,” Konstantin von Notz, an MP who is deputy chief of the intelligence oversight committee told AFP.
“At present, no one can say with any certainty whether the integrity of MPs’ communications is still guaranteed,” he added.
In addition to high-profile politicians, civil servants, diplomats, military personnel and journalists were also targeted.
The Bundestag is now debating how to deal with the incidents. Vice-President of the German Bundestag Andrea Lindholz (CSU) rejects a ban on using Signal, and said she believes MPs are free to make their own decisions.
However, the question was raised whether the desktop version of the Signal app should be restricted on Bundestag computers.
Germany is Ukraine’s biggest provider of military aid and has frequently been the target of cyberattacks, as well as espionage and sabotage plots since Russia’s full-scale invasion of Ukraine in 2022.
Moscow has repeatedly denied involvement in any such actions.
