Russia is running a large-scale global operation to break into Signal and WhatsApp accounts, according to two Dutch intelligence agencies. The campaign has already compromised the private messages of Dutch government employees. The agencies made this announcement on Monday, adding to a growing number of warnings about the security risks of these messaging apps for high-profile users.
According to NBC News, hackers are using phishing techniques to trick people into giving up their account details. They are posing as “Signal support,” which is not a real service that Signal offers. The goal is to steal login information and gain full access to a target’s account.
The Dutch report also noted that it is “probable that targets include other persons of interest to the Russian government, such as journalists.” This means the operation is not only targeting government employees but potentially anyone in a sensitive position.
Signal’s strong encryption has not stopped Russia from successfully compromising accounts
Signal is widely considered one of the most secure messaging platforms available. It uses strong encryption that is even designed to resist theoretical quantum computers. It is commonly used by the Ukrainian military and gained attention last year when a White House group chat discussing military strikes in Yemen accidentally included a journalist.
This is not the first time such attacks have been reported. In February, Germany issued a similar warning about hackers targeting high-profile Signal users in its military and political circles. Last year, Google also identified Russian actors attempting to phish Signal accounts linked to the Ukrainian military and warned the tactic would likely spread.
Russia’s ongoing cyber operations are part of a broader conflict: Russia and Ukraine’s fragile progress toward agreement shows how tensions continue on multiple fronts. Signal has acknowledged the issue in a post on X: “We are aware of recent reports regarding targeted phishing attacks that have resulted in account takeovers of some Signal users, including government officials and journalists. We take this very seriously.”
The company also shared an example of one of the phishing messages being used. One of Signal’s privacy features, which hides users’ phone numbers from each other, actually makes this scam more convincing.
Since recipients cannot see the sender’s real phone number, a message claiming to be from “Signal support” can appear more legitimate than it actually is. Cyber warfare is increasingly being used alongside conventional military threats, much like Iran’s most dangerous ballistic missile targeting Tel Aviv, which highlights how modern conflict operates across multiple domains.
A WhatsApp spokesperson declined to comment directly on the Russian operation but recommended that users never share their login information with anyone. They also directed users to the company’s scam protection guide. WhatsApp, owned by Meta, has over three billion active monthly users and has long been a target for hackers, while Signal is operated by a nonprofit and has a much smaller user base.
Published: Mar 10, 2026 03:45 pm