Phishing, Application security

German intelligence warns of state-sponsored phishing attacks on messaging apps

The Signal app icon on a smartphone.

Germany's domestic intelligence agency is issuing a warning about sophisticated phishing attacks targeting high-ranking individuals, including politicians, military officers, and diplomats, through messaging apps like Signal. These attacks, suspected to be state-sponsored, leverage social engineering tactics without employing malware or exploiting technical vulnerabilities in the messaging services, based on information published by Bleeping Computer.

The attackers impersonate messaging app support teams or chatbots to trick targets into revealing sensitive information. Two primary attack variants have been identified: one that leads to a full account takeover by obtaining Signal PINs or SMS verification codes, and another that abuses the linked-device feature by convincing users to scan a QR code. This second method allows attackers to pair the victim's account with their own device, enabling them to monitor chats and access contact lists without triggering immediate alerts. While observed on Signal, the advisory notes that similar functionality exists on WhatsApp, making it a potential target as well. Previous reports have linked these QR code techniques to Russian state-aligned groups like Sandworm, though the method has also been adopted by cybercriminals for fraud.

These attacks highlight a growing trend of exploiting legitimate application features for malicious purposes, bypassing traditional security measures. The German authorities recommend users avoid interacting with alleged support accounts, block and report suspicious messages, and enable Signal's "Registration Lock" feature. Regularly reviewing linked devices is also crucial. 

Source: Bleeping Computer

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds