Germany suspects Russia is behind Signal phishing that targeted top officials

Signal app on a smartphone is seen on a mobile device screen Tuesday, March 25, 2025, in Chicago. AP-Yonhap

BERLIN — The German government suspects Russia is behind a series of phishing attacks on Signal targeting high-ranking politicians, including two government ministers, military personnel and journalists, a government spokesperson said.

Federal prosecutors have been conducting a preliminary investigation since mid-February 2026 into alleged cyberattacks on Signal accounts, a spokesperson for the federal prosecutors confirmed on Saturday.

Among other things, the investigation involves an initial suspicion of espionage, she added, without specifying which country might be involved.

The German government has still not officially attributed the attacks to Russia.

Germany and other European countries have been under increased pressure from cyberattacks and other malign activity linked to Russia by Western officials since Moscow’s full-scale invasion of Ukraine in February 2022.

Around 300 Signal accounts belonging to individuals within the political sphere were compromised in the attacks, German magazine Der Spiegel reported, quoting governmental sources.

There is no official confirmation of the names of the victims.

According to Der Spiegel, the targeted users received messages from a fake Signal security chatbot that informed them of suspicious activity on their accounts and asked them to take immediate action. If the user followed the instructions, including entering a PIN or scanning a QR code, their Signal accounts were linked to an external device controlled by the hackers.

This allowed the attackers to read past chats, follow ongoing conversations and even see address books and other data stored by the users.

Source: Korea Times News