Hackers supported by Russian establishment have rolled out a global cyber campaign aiming signal and WhatsApp accounts used by officials, military officers and journalists. Two Dutch intelligence agencies have warned regarding the cyber-attack on Monday.
According to intelligence agencies, users are lured in chats initiated by the hackers and persuaded to reveal security verification and PIN codes which gives attacker access to personal accounts and group chats.
The General Dutch Intelligence Agency (AIVD) and Dutch Military Intelligence and Security Service (MIVD) said that “The Russian hackers have likely gained access to sensitive information.” The agency further told that the victims of the campaign include Dutch government employees and journalists.
The popular messaging app, WhatsApp and Signal which is known for their end-to-end encryption are widely used by government officials for sharing confidential or classified information, making them the ideal place for hackers or malicious actors to try to steal sensitive data.
In response Meta owned WhatsApp told Reuters that the users should never share their six-digit code (OTP) with others and that it continues to build protections against online threats while Signal stated on social media that attack were “executed via sophisticated phishing campaigns, designed to trick users into sharing information”. The platform confirmed that its encryption and infrastructure had not been compromised.
The hackers usually impersonate a Signal Support chatbot to trick targets into revealing their codes, which allows the hackers to take control of accounts, the statement said.
Another way involves exploiting the “linked devices” function with Signal. Dutch government noted that contacts appearing twice in a user’s list, or numbers showing as “deleted account”, could indicate a compromised account.
A government official said that Dutch authorities has issued a cyber advisory notifying government colleagues of the vulnerability and providing support to eliminate the threat.
MIVD director Vice-Admiral Peter Reesink said that “Despite their end-to-end encryption option, messaging apps such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information”
Syed Ziyauddin is a media and international relations enthusiast with a strong academic and professional foundation. He holds a Bachelor’s degree in Mass Media from Jamia Millia Islamia and a Master’s in International Relations (West Asia) from the same institution.
He has work with organizations like ANN Media, TV9 Bharatvarsh, NDTV and Centre for Discourse, Fusion, and Analysis (CDFA) his core interest includes Tech, Auto and global affairs.
Tweets @ZiyaIbnHameed
