Dutch intelligence warns of a Russia-linked campaign targeting high-value individuals to compromise Signal and WhatsApp accounts via verification code phishing. The attack vector involves tricking victims into sharing multi-factor authentication (MFA) codes sent to their devices. No software vulnerability or patch is identified; the threat exploits user behavior, so the primary workaround is user education against sharing verification codes and enabling additional account security settings.
Dutch intelligence agencies have issued a warning about an ongoing cyber campaign in which Russia-linked hackers are attempting to compromise accounts on popular encrypted messaging platforms. According to officials, the operation targets government personnel, military members, journalists, and other individuals likely to have access to sensitive information. The alert was issued jointly by the Netherlands’ General Intelligence and Security Service (AIVD) and the Military Intelligence and Security Service (MIVD), which said the attackers have already managed to gain access to some accounts by tricking victims into sharing verification codes. submitted by /u/NeuraCyb-Intel [link] [comments]