Germany Blames Russia for Signal Phishing Attacks on Cabinet Ministers

Germany’s government has been caught up in a phishing campaign targeting users of the Signal messaging app, with several cabinet members affected and Russia seen as responsible, according to media reports.

German government sources told Reuters on Saturday that Berlin believes Russia could be behind the phishing attacks aimed at high-profile politicians, diplomats, military officers and journalists.  

German federal prosecutors said on Friday they were investigating phishing attacks involving Signal, the news agency reported.

Cabinet members reportedly affected 

The campaign has reached the German government itself, with several cabinet members affected, according to the German Press Agency, dpa.  

Der Spiegel reported that cabinet ministers Karin Prien and Verena Hubertz were among the victims, but the German government has not officially commented on specific cases, dpa said. 

German authorities had already been warned about threats earlier this year. Reuters said Germany’s domestic intelligence service and the cybersecurity office warned officials about attacks on messaging app users that were likely carried out by a state-sponsored actor.  

On Saturday dpa reported that public warnings began in February and were later followed by more detailed security advice. 

How did the attack work? 

According to dpa, the phishing campaign does not appear to rely on a flaw in Signal itself.  

Other Topics of Interest

Sweden Charges Man With Spying for Russia

Swedish prosecutors have charged a 34-year-old man with attempting to spy for Russia by offering highly sensitive military information to Russian intelligence agencies. The suspect, who previously worked with Sweden’s Armed Forces, is also being investigated in a separate murder conspiracy.

Instead, attackers reportedly send messages posing as “Signal Support” and asked users to enter a PIN, click a link or scan a QR code. If users comply, attackers may gain access to chats, address books and internal group conversations, dpa said. 

Last year, Dutch military intelligence warned that Russia was stepping up hybrid operations, including cyberattacks on public infrastructure, after a Russian-linked hack targeted a Dutch public service in the country’s first known cyber sabotage attempt. 

Der Spiegel said Dutch intelligence services had publicly blamed “Russian state actors.”  

Moscow has repeatedly denied carrying out hacking operations against other countries.