A widespread phishing campaign targeting the Signal messenger service has compromised the accounts of high-ranking German political figures, military personnel, and journalists. The attacks have reached members of all factions within the Bundestag, raising serious concerns over state-level espionage.
High-Level Political Targets
Among the most prominent victims is Bundestagspräsidentin Klöckner, who holds the second-highest state office and is a member of the CDU presidency. According to reports, the CDU presidency had been using a Signal group chat for communication, which included Bundeskanzler and CDU-Chef Merz.
While Merz’s account showed no irregularities, officials from the Bundesamt für Verfassungsschutz (BfV) personally visited the Chancellor regarding the matter. The BfV and the Bundesamt für Sicherheit in der Informationstechnik (BSI) had previously issued public warnings about these Signal attacks in February.
Espionage and State Actors
The Bundesanwaltschaft is currently investigating the breach on suspicion of espionage. Once an account is compromised, attackers are reportedly able to read chat messages and impersonate users within group chats.
The BfV believes the campaign is being carried out by a state-sponsored actor. Henrichmann, the chairman of the Bundestag’s Parliamentary Control Committee, has specifically attributed the campaign to Russia.
Official Responses and Implications
Government ministries have not confirmed the cyberattack. The ministry of Hubertz stated that clear principles govern the security of internal and external communication, noting that they generally do not comment on possible or actual security incidents.
Given the current investigation, there may be a shift in how government officials handle secure communications. Further findings from the Bundesanwaltschaft could lead to a deeper understanding of the extent of the data breach.
For more context on these threats, spot Messenger-Dienste werden immer öfter zum Ziel von Phishing-Versuchen.
Frequently Asked Questions
Who has been affected by the Signal phishing campaign?
Affected individuals include members of all Bundestag factions, journalists, military personnel, and high-ranking officials such as Bundestagspräsidentin Klöckner.
What can attackers do once a Signal account is compromised?
Attackers are reportedly able to read chat messages and operate within chat groups using a false identity.
Who is suspected of being behind the attacks?
The Bundesamt für Verfassungsschutz suspects a state-sponsored actor, and Henrichmann, chairman of the Parliamentary Control Committee, has identified Russia as the responsible party.
Do you believe consumer messenger apps are suitable for high-level government communication?
