Germany's domestic intelligence agency is issuing a warning about sophisticated phishing attacks targeting high-ranking individuals, including politicians, military officers, and diplomats, through messaging apps like Signal. These attacks, suspected to be state-sponsored, leverage social engineering tactics without employing malware or exploiting technical vulnerabilities in the messaging services, based on information published by Bleeping Computer.The attackers impersonate messaging app support teams or chatbots to trick targets into revealing sensitive information. Two primary attack variants have been identified: one that leads to a full account takeover by obtaining Signal PINs or SMS verification codes, and another that abuses the linked-device feature by convincing users to scan a QR code. This second method allows attackers to pair the victim's account with their own device, enabling them to monitor chats and access contact lists without triggering immediate alerts. While observed on Signal, the advisory notes that similar functionality exists on WhatsApp, making it a potential target as well. Previous reports have linked these QR code techniques to Russian state-aligned groups like Sandworm, though the method has also been adopted by cybercriminals for fraud.These attacks highlight a growing trend of exploiting legitimate application features for malicious purposes, bypassing traditional security measures. The German authorities recommend users avoid interacting with alleged support accounts, block and report suspicious messages, and enable Signal's "Registration Lock" feature. Regularly reviewing linked devices is also crucial. Source: Bleeping Computer
Phishing, Application security

German intelligence warns of state-sponsored phishing attacks on messaging apps

(Adobe Stock)

Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



