TLDRs:
- Russian hackers target Signal and WhatsApp globally, Dutch agencies report.
- Hackers use phishing, social engineering, and linked devices to breach accounts.
- Signal users can regain chat history, but security risks remain high.
- Meta urges caution and offers guidance to prevent account compromises.
Meta Platforms’ stock has drawn attention this week as Dutch intelligence agencies warned of an ongoing global hacking campaign targeting users of WhatsApp, one of Meta’s flagship messaging apps.
According to the Netherlands’ Defence Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD), Russian government hackers are attempting to infiltrate the accounts of journalists, government officials, and military personnel worldwide.
The campaign reportedly relies on social engineering and phishing techniques rather than traditional malware. In WhatsApp’s case, hackers are exploiting the platform’s “Linked devices” feature, which allows accounts to be accessed from multiple devices such as laptops or tablets. If a user is tricked into granting access, the attackers can read past messages and may remain undetected, as the account often does not log users out during the breach.
Global Messaging Apps Under Attack
The Dutch agencies described the effort as a “large-scale global” operation. Hackers are targeting both Signal and WhatsApp users, sending messages that appear to come from the apps’ support teams. For Signal, these messages warn users of suspicious activity or potential data leaks and then request verification codes and PINs.
Once provided, hackers can register a new device under the victim’s account, lock them out, and potentially access contacts.
Phishing and Social Engineering Exploited
According to the report, attackers have also been sending malicious links and QR codes. A target might be asked to scan a QR code to join a group, but the code could instead connect the victim’s account to the hacker’s device. These techniques, experts note, have been previously used by Russian state actors in the context of the war in Ukraine.
Signal’s design stores chat histories locally, which allows victims to regain previous messages after re-registering their accounts. However, Dutch intelligence warns that regaining chat history does not guarantee security. Hackers may still have access to personal information and contacts, potentially enabling further attacks. Signal itself does not provide support through the app, emphasizing that users should never share verification codes or PINs with anyone.
Signal Users Face Hidden Risks
While WhatsApp users face unique risks due to the Linked Devices feature, Signal users can still be vulnerable to social engineering attacks. Meta’s spokesperson, Zade Alsawah, stressed that users should remain vigilant, avoid sharing six-digit verification codes, and consult WhatsApp’s Help Center for guidance on detecting suspicious messages.
Meta Offers User Protection Tips
Meta has highlighted steps users can take to secure their accounts, including carefully reviewing linked devices and reporting suspicious activity. The company did not disclose how many accounts may have been affected but encouraged users globally to maintain strict security practices. The Russian embassy in Washington, D.C. did not respond to requests for comment, and the Dutch Ministry of Defence declined to provide additional details.
Investors monitoring Meta (META) stock may view this alert as both a reputational risk and a reminder of the challenges associated with maintaining security in widely used messaging platforms. While no direct financial impact has been reported, the incident underscores the ongoing cybersecurity threats that global tech companies face.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
