Russia-backed hackers breach Signal, WhatsApp accounts

Published: 9 March 2026
Last updated: 16 March 2026
whatsapp russia hackers
Russia-backed hackers WhatsApp. By Reuters

Russian-backed hackers have launched a global cyber campaign to gain access to Signal and WhatsApp accounts used by officials, military personnel and journalists, two intelligence agencies in the Netherlands warned on Monday.

Key takeaways:
  • Dutch intelligence says a global campaign is targeting officials, military personnel, and journalists that tricks them into handing over security codes via chat.
  • The hackers pose as support bots or exploit app features like "linked devices" to hijack accounts and access sensitive group chats.
  • Dutch government employees are among the victims.
  • Despite their encryption, Dutch military intelligence says Signal and WhatsApp shouldn't be trusted for confidential communications.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.

Users are persuaded in chats initiated by the hackers to divulge security verification and pin codes, giving them access to personal accounts and group chats, they said in a statement.

ADVERTISEMENT

"The Russian hackers have likely gained access to sensitive information," the General Dutch Intelligence Agency (AIVD) and Dutch Military Intelligence and Security Service (MIVD) said.

"Targets and victims of the campaign include Dutch government employees" and journalists, the agencies said.

The chat apps offering end-to-end encryption are popular with government officials for sharing confidential or classified information, making them "the ideal place for malicious actors to try to capture sensitive information," they said.

WhatsApp, in a reaction sent to Reuters, said users should never share their six-digit code with others and that it continued to build ways to protect people from online threats.

Signal could not immediately be reached for comment.

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites

Users persuaded to divulge security codes

The hackers most frequently masquerade as a Signal Support chatbot to induce targets to divulge the codes, enabling them to take control of the accounts, the statement said.

ADVERTISEMENT

Another method is to use the ‘linked devices’ function within Signal, it said.

Contacts appearing twice in a user's contact list, or numbers showing up as 'deleted account' could indicate that an account has been compromised, the agencies said.

Dutch authorities issued a cyber advisory notifying government colleagues of the vulnerability and providing assistance to eliminate the threat, a spokesman said, citing the joint operation with the AIVD general intelligence service.

"Despite their end-to-end encryption option, messaging apps such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information," said MIVD director, Vice-Admiral Peter Reesink.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked