Germany warns of state-linked phishing campaign targeting journalists, government officials
In a joint advisory issued late last week, Germany’s domestic intelligence agency (BfV) and federal cybersecurity office (BSI) said attackers are attempting to gain access to private messaging accounts in order to monitor confidential communications and potentially compromise broader networks.
German authorities are warning that a suspected state-controlled threat actor is using messaging apps such as Signal to target senior political, military and diplomatic figures, as well as investigative journalists, across Europe.
In a joint advisory issued late last week, Germany’s domestic intelligence agency (BfV) and federal cybersecurity office (BSI) said attackers are attempting to gain access to private messaging accounts in order to monitor confidential communications and potentially compromise broader networks.
Officials said the campaign relies on social engineering rather than malware or software vulnerabilities, exploiting legitimate security features built into messaging platforms. The current activity is focused on Signal, authorities said, but similar methods could be used against other messaging platforms with comparable features, including WhatsApp.
Source: https://therecord.media/germany-warns-phishing-campaign-signal-gov-officials-journalists
Related breach coverage
- Russia-linked actors target WhatsApp and Signal in phishing campaign2026-03-22
Russia-linked actors target WhatsApp and Signal accounts of officials and journalists via phishing, gaining access to messages and contacts. Threat actors linked to Russian Intelligence Services are running phishing campaigns to hijack high-value accounts on messaging apps like WhatsApp and Signal, the FBI warns. “The FBI has identified cyber actors associated with Russian Intelligence Services targeting […]
- Russia-linked hackers target Signal, WhatsApp of officials globally2026-03-09
Russia-linked hackers are targeting Signal and WhatsApp accounts of government and military officials worldwide, warns Dutch intelligence. Dutch intelligence agencies (MIVD and AIVD) warn of a global campaign by Russia-linked threat actors aiming to compromise Signal and WhatsApp accounts. The operation targets government officials, civil servants, and military personnel, highlighting growing cyber risks to sensitive […]
- U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs2026-04-08
U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers are targeting internet-exposed Rockwell/Allen-Bradley PLCs used in critical infrastructure. The agencies published a joint advisory involving multiple federal organizations. “Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity […]
- Iran-nexus APT Dust Specter targets Iraq officials with new malware2026-03-06
A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz researchers linked the Iran-nexus group Dust Specter to a campaign targeting Iraqi government officials. Threat actors impersonated the country’s Ministry of Foreign Affairs in phishing messages that delivered previously unseen malware, including SPLITDROP, TWINTASK, TWINTALK, […]