FBI warns Russian hackers are targeting Signal users via phishing
NEWYou can now listen to Fox News articles!
Russian intelligence-linked hackers are targeting users of popular messaging apps like Signal, gaining access to private messages and impersonating victims in a sweeping global campaign, according to a joint warning from the Federal Bureau of Investigation (FBI) and U.S. cybersecurity officials, including FBI Director Kash Patel.
The FBI and the Cybersecurity and Infrastructure Security Agency said the operation had already compromised “thousands of individual” commercial messaging application (CMA) accounts, allowing attackers to read messages, access contact lists and send messages pretending to be the victim.
FBI Director Kash Patel warned that the campaign targeted individuals of “high intelligence value,” including U.S. officials, military personnel and journalists, and had already resulted in widespread account compromises.
Patel warned that attackers could leverage compromised accounts to impersonate victims and target others using a trusted identity.
MILLIONS OF AI CHAT MESSAGES REVEALED IN APP DATA LEAK
FBI Director Kash Patel listens to Senate Intelligence Committee hearings on Capitol Hill in Washington, Wednesday, March 18, 2026. (AP Photo/Jose Luis Magana)
“This global campaign resulted in unauthorized access to thousands of individual CMA accounts,” the agencies said. joint public service announcement.
“Once an account is compromised, malicious actors can view victims’ messages and contact lists, send messages, and conduct additional phishing against other CMA accounts.”
The activity was linked to actors associated with Russian intelligence services and targeted individuals deemed to be of “high intelligence value,” including current and former U.S. government officials, military personnel, political figures and journalists, officials said.
BAD BROWSER EXTENSIONS REACHED 4.3 MILLION USERS
In this illustration photo taken in Warsaw, Poland on March 26, 2025, the Signal encrypted messaging application is seen on a mobile device. (Jaap Arriens/NurPhoto via Getty Images)
“RIS actors compromised individual CMA accounts, but did not compromise the CMAs’ encryption or the applications themselves,” the FBI and CISA said.
The agencies emphasized that the activity did not involve breaking Signal’s encryption but instead relied on deceiving users through phishing schemes.
“Phishing remains one of the simplest yet effective tools of cyberattacks, often overriding other protections, including end-to-end encryption,” the agencies said. he said.
SPOTIFY VOTE FRAUD REVEALED
Cyber actors linked to Russian Intelligence targeted thousands of commercial messaging applications (CMAs), according to a PSA jointly shared by the FBI and CISA on Friday. (Photo: Morteza Nikoubazl/NurPhoto via Getty Images)
Hackers often pose as messaging app support or send fake security alerts designed to create urgency, encouraging users to click on malicious links or share verification codes or PINs, according to authorities.
If a user complies, attackers can link their device to the account or take over it entirely, allowing them to monitor private conversations and impersonate the victim.
FBI Director Kash Patel warned that the scheme allowed cybercriminals to “engage in additional phishing.”
“Once gained access, actors can view messages and contact lists, send messages as a victim, and conduct additional phishing from a trusted identity.”
PSA said users who believe they have been targeted should report incidents to the FBI’s Internet Crime Complaint Center.
CLICK TO DOWNLOAD FOX NEWS APPLICATION
The connection to “cyber actors” associated with Russian Intelligence was not made more specific in the agencies’ joint PSA.
Signal did not immediately respond to Fox News Digital’s request for comment. The Federal Bureau of Investigation did not provide further comment to Fox News Digital.
