Sensitive information in Russian hands
Intelligence agencies from the Netherlands report that Russian hackers have targeted accounts of Dutch government employees on WhatsApp and Signal. The information about this comes from the AIVD and MIVD (the Military Intelligence and Security Service). The attackers are trying to gain access to sensitive communications, with various information possibly already captured.
The hackers are said to be employed by the Russian state and are targeting dignitaries, military personnel and officials worldwide. Journalists are also among the possible targets. By accessing messaging apps, attackers can read along with conversations and gather information from chat groups.
According to the intelligence agencies, one of the methods used by the hackers is to impersonate a Signal chatbot. Users are thus tricked into sharing their login details. Once the attackers have that data, they can take over the account and gain access to conversations. In some cases, this can happen without the user noticing directly.
Signal is popular within governments precisely because the service is known for its reliability and strong encryption. Messages are sent encrypted, making them normally readable only by the sender and receiver. This very reputation makes the app interesting for espionage attempts: if hackers gain access to an account, they can potentially extract valuable information from confidential conversations.
