The National Cyber Security Centre (NCSC) has issued a warning to users of messaging apps such as WhatsApp, Signal, and Messenger to watch for suspicious activity.

According to the United Kingdom’s cybersecurity agency, there are concerns regarding “growing malicious activity from Russia-based actors” who use popular messaging apps to target “high-risk individuals.”

High-risk individuals are people with access to sensitive information that could be of interest to threat actors, such as technical details of high-end innovative products, corporate data, and login credentials for banking accounts or crypto wallets.

Russian hackers have tried to compromise users’ WhatsApp and Signal accounts in various ways.

The NCSC states that there have been attempts to trick users into sharing their passwords or account recovery codes of popular messaging apps. Attackers also tried to add victims’ accounts to their own devices, a practice known as account linking.

Another way to access users’ chat history without them knowing is by secretly joining a chat group. Lastly, attackers have tried to impersonate someone a user knows or by phishing victims by sending malicious links or QR codes.

To reduce the risk of compromising their personal accounts, the NCSC recommends never sharing sensitive information via messaging apps, such as login credentials or verification codes. For work communications, users should only trust and use corporately provided messaging services and devices.

To improve the security of their account, users are advised to enable multi-factor authentication (MFA) or passkeys where available. Furthermore, users should regularly check for linked devices in settings and beware of impersonations.

For personal accounts, the cybersecurity agency recommends setting a timer to automatically delete messages after a specified period. If an attacker manages to gain access to a user’s chat account, this limits the amount of information that can be stolen.

The NCSC is the latest agency to warn users of Russian hackers targeting messaging apps.

In March, the General Dutch Intelligence Agency (AIVD) and Dutch Military Intelligence and Security Service (MIVD) announced that WhatsApp and Signal accounts used by officials, military personnel, and journalists had been hacked by state-sponsored hackers from Russia.

Signal seized the opportunity to warn its users not to share SMS verification codes or Signal PINs with anyone. “User vigilance is ultimately the best defense against phishing,” the messaging app said.

---

Unlock more exclusive Cybernews content on YouTube.