Russian-Backed Hackers Target Signal and WhatsApp Accounts of Officials and Journalists Dutch intelligence agencies revealed on March 9 that Russian-backed hackers have launched a global cyber campaign to infiltrate Signal and WhatsApp accounts belonging to government officials, military personnel, and journalists. The attackers trick users into disclosing security verification codes or PINs during deceptive chats, granting access to personal accounts and sensitive group conversations. The General Dutch Intelligence Agency (AIVD) and Military Intelligence and Security Service (MIVD) warned that the hackers likely obtained classified information, with Dutch government employees and journalists among the confirmed targets. End-to-end encrypted messaging apps like Signal and WhatsApp are favored for secure communication, making them prime targets for cyber espionage. The hackers primarily impersonate a Signal Support chatbot to extract verification codes, while also exploiting Signal’s "linked devices" feature. Signs of compromise include duplicate contacts or accounts marked as "deleted." WhatsApp responded by advising users against sharing their six-digit codes, though Signal did not immediately comment. Dutch authorities issued a cyber advisory to mitigate the threat, with MIVD director Vice-Admiral Peter Reesink cautioning that even encrypted apps should not be used for transmitting highly sensitive information. The campaign underscores the persistent risks of social engineering in cyber espionage.

The Maine Office of the Attorney General reported a data breach involving General Dynamics Corp. on December 23, 2024. The breach, discovered on October 10, 2024, was due to unauthorized access affecting personal information of 37 individuals, with 2 Maine residents specifically identified. Types of compromised data included names, social security numbers, bank account information, and dates of birth.