Dutch intelligence warns that attackers are hijacking Signal and WhatsApp accounts by tricking users into sharing verification codes or linking a malicious device.

Security Boulevard is a leading cybersecurity news and information portal, offering articles, analysis, and insights on cybersecurity threats, vulnerabilities, and best practices. From the latest trends in cyber threats to expert commentary on security technologies and compliance frameworks, Security Boulevard provides resources for security professionals, IT leaders, and business executives seeking to protect their organizations from cyber attacks and data breaches.

Security Boulevard

Dutch intelligence agencies AIVD and MIVD warn that Russian state-backed hackers are targeting Signal and WhatsApp accounts of senior officials, military personnel, and journalists. The attacks don't exploit encryption weaknesses but rely on social engineering: impersonating support accounts to steal verification codes/PINs, or tricking users into scanning QR codes that silently link an attacker's device to the victim's account. Practical defenses include never sharing verification codes, regularly auditing linked devices, enabling registration lock/PIN, using disappearing messages, and setting up two-step verification on both apps.

Signal and WhatsApp accounts targeted in phishing campaign

How to prevent and detect compromised accounts