FBI warns Russian hackers targeting Americans on Signal; thousands of accounts compromised
Russian intelligence-linked hackers are targeting users of popular messaging apps like Signal, gaining access to private messages and impersonating victims in a sweeping global campaign, according to a joint warning from the FBI and U.S. cybersecurity officials.
The FBI and the Cybersecurity and Infrastructure Security Agency said the operation has already compromised “thousands of individual” commercial messaging app (CMA) accounts, allowing attackers to read messages, access contact lists and send messages posing as the victim.
FBI Director Kash Patel warned the campaign is targeting individuals of “high intelligence value,” including U.S. officials, military personnel and journalists, and has already resulted in widespread account compromises.
Patel warned the attackers could exploit compromised accounts to impersonate victims and target others using a trusted identity.
MILLIONS OF AI CHAT MESSAGES EXPOSED IN APP DATA LEAK
“This global campaign has resulted in unauthorized access to thousands of individual CMA accounts,” the agencies said in a joint public service announcement.
“After compromising an account, malicious actors can view the victims’ messages and contact lists, send messages, and conduct additional phishing against other CMA accounts.”
Officials said the activity is linked to actors associated with Russian intelligence services.
MALICIOUS BROWSER EXTENSIONS HIT 4.3M USERS
“RIS actors have compromised individual CMA accounts, but not CMAs’ encryption or the applications themselves,” the FBI and CISA said.
The agencies emphasized the activity does not involve breaking Signal’s encryption. Instead, it relies on tricking users through phishing schemes.
“Phishing remains one of the most unsophisticated, yet effective means of cyber compromise, often rendering other protections irrelevant, including end-to-end encryption,” the agencies said.
According to officials, the hackers often pose as messaging app support or send fake security alerts designed to create urgency, prompting users to click malicious links or share verification codes or PINs.
If a user complies, attackers can link their own device to the account or take it over entirely, allowing them to monitor private conversations and impersonate the victim.
Patel cautioned that the scheme allows cybercriminals to “conduct additional phishing.”
“After gaining access, the actors can view messages and contact lists, send messages as the victim and conduct additional phishing from a trusted identity,” Patel said.
The PSA said users who believe they may have been targeted should report incidents to the FBI’s Internet Crime Complaint Center.
The link to “cyber actors” associated with Russian Intelligence was not made more specific in the agencies’ joint PSA.
Signal did not immediately respond to Fox News Digital’s request for comment. The FBI did not provide further comment to Fox News Digital.
Leave a Reply
You must be logged in to post a comment.