Russian government hackers targeting Signal and WhatsApp users, Dutch spies warn

Dutch intelligence agencies issued a warning on Monday about a large-scale global hacking campaign For Signal, the hackers masquerade as the apps support team and send messages warning of suspicious activity, a possible data leak or attempts to access private data. If successful, they obtain a verification code requested from Signal via SMS and the targets PIN code. They then use the codes to register a new device with a new phone number, impersonate the target and access contacts while locking the original user out of the account. Because Signal stores chat history locally on the phone, a victim can regain access after re-registering their number and may assume nothing is wrong. The Dutch services stressed that this assumption could be incorrect. Signal does not provide support directly through the app, and adding a new device does not typically grant access to previous messages. The hackers are also trying to trick targets on both apps into scanning malicious QR codes or clicking malicious links that link the actors device to the victims account. On WhatsApp, the hackers abuse the linked devices function to potentially read past messages. Victims may not realize they have granted access because they are not logged out of their accounts. Signal responded