Overview
- Dutch agencies AIVD and MIVD attributed a coordinated campaign to Russian-linked actors targeting officials, military personnel and journalists on Signal and WhatsApp.
- Attackers impersonated support to solicit SMS verification or PIN codes and lured victims to link attacker devices, enabling access to incoming messages and group chats.
- Signal said its encryption and infrastructure remain uncompromised and urged users to activate registration lock, never share verification codes and review linked devices.
- Meta activated new protections: WhatsApp now flags suspicious device-link requests with location context, Facebook tests alerts on risky friend requests and Messenger expands AI fraud detection with options to block or report.
- Authorities warn that takeovers can be hard to reverse if attackers change account details and advise immediate contact notifications, echoing earlier BSI alerts to bolster operational security.