Russian cybercrims phish their way into officials' Signal and WhatsApp accounts

Dutch spies flag large-scale campaign to hijack secure messaging accounts

Carly Page
Mon 9 Mar 2026 // 12:40 UTC

Russian-linked hackers are trying to break into the Signal and WhatsApp accounts of government officials, journalists, and military personnel globally – not by cracking encryption, but by simply tricking people into handing over the keys.

That's the warning issued Monday by the Netherlands' intelligence and military security agencies, the AIVD and MIVD, which say a "large-scale" Russian cyber campaign is actively targeting Signal and WhatsApp accounts. The goal isn't to defeat the apps' end-to-end encryption, but to take over the accounts themselves and quietly read whatever conversations are inside.

According to the agencies, the attackers approach targets directly via chats and persuade them to share security verification codes or PINs, effectively giving the intruders full access to the account. In some cases, the attackers reportedly impersonate a Signal support bot to make the request look legitimate. Once the code is shared, attackers can log in and read messages or monitor group chats without needing to defeat the underlying encryption.

Another trick involves abusing Signal's "linked devices" feature, which allows users to connect additional devices to their account. If an attacker manages to link their own device, they can effectively mirror the victim's messages in real time.

The Dutch agencies say that the campaign has already snared victims, including people working inside the Dutch government. "The Russian hackers have likely gained access to sensitive information," the AIVD and MIVD said, adding that "targets and victims of the campaign include Dutch government employees" as well as journalists.

Ironically, the very reason officials and reporters often favor these apps – their strong encryption – also makes them a juicy intelligence target once an account itself is compromised. End-to-end encryption protects messages in transit, but it does little if an attacker manages to log into the account itself.

A Meta spokesperson told The Register that users should never share their six-digit code with others and that it provides detailed advice on how WhatsApp users can protect themselves from scams. Signal did not immediately respond to The Register's questions.

Dutch authorities released a cybersecurity advisory and are assisting affected users in securing their accounts. They also warned that subtle clues can indicate a compromise, such as contacts suddenly appearing twice in a list or numbers unexpectedly showing up as "deleted account."

The bigger message from the spooks is that encrypted consumer messaging apps might be convenient, but they're not exactly a classified communications system. As MIVD director Vice-Admiral Peter Reesink put it: "Despite their end-to-end encryption option, messaging apps such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information."

In other words, if your operational security plan relies on the hope that nobody will ever ask you for a six-digit code in a chat, it might be time for a rethink.

A Russian-linked campaign is targeting government officials and journalists by hijacking Signal and WhatsApp accounts via social engineering, not by breaking encryption. Attackers directly contact targets via chat to trick them into sharing verification codes or PINs, or abuse Signal's "linked devices" feature to gain persistent access. There is no software vulnerability to patch; mitigation requires user security awareness training to never share verification codes and vigilance for signs of account compromise, such as duplicate contacts.