By AFP
April 24, 2026
German parliament speaker Julia Kloeckner was targeted in a Signal phishing attack, according to reports - Copyright AFP John MACDOUGALL
Antoine Lambroschini with Sam Reeves in Frankfurt
German prosecutors Friday launched a spying investigation into phishing attacks targeting lawmakers on the Signal messaging app, with an MP saying the latest Russia-directed plot against Germany was a “wake-up call”.
The wave of attacks has allegedly been directed at MPs from several parties including the speaker of parliament, a senior member of Chancellor Friedrich Merz’s CDU party, as well as civil servants, diplomats and journalists.
Germany, Kyiv’s biggest provider of miliary aid, has been battling a surge of cyberattacks, as well as espionage and sabotage plots since Russia’s full-scale invasion of Ukraine in 2022.
Moscow denies being behind any such actions.
The German Federal Prosecutor’s Office told AFP it had launched an investigation into the phishing attacks “based on an initial suspicion of espionage”.
It did not name Russia or give more details, but suspicion quickly fell on Moscow.
“The latest phishing attempt from Russia targeting German politicians and journalists is a wake-up call for all of us,” said Marc Heinrichmann, a CDU lawmaker who heads a committee overseeing the country’s intelligence services.
The attack makes “painfully clear” that everyone “must remain vigilant,” he said.
“What may seem like a harmless message at first glance could, in today’s world, be a targeted espionage attempt by foreign powers.”
– ‘Extremely worrying’ –
The attacks work by sending messages purporting to come from Signal support.
Victims are urged to hand over sensitive account information, which the attackers can then use to gain access to the victim’s chat groups and messages.
When the scam is successful, the hackers gain access to photos and files shared on Signal and can also impersonate the person whose account was compromised.
Many have moved from WhatsApp to the non-profit Signal in recent years because of privacy concerns after WhatsApp said it would share some metadata with parent company Meta, which also owns Facebook and Instagram.
German and foreign security services have been warning for months about the attacks, but the potential fallout in Germany is only just becoming clear.
CDU lawmaker Konstantin von Notz told AFP that the scale of the suspected attacks was “extremely worrying”.
“At present, no one can say with any certainty whether the integrity of MPs’ communications is still guaranteed,” he said.
Merz’s centre-right CDU party has so far not commented on how many of its lawmakers have been affected.
But earlier this week Der Spiegel news outlet reported that parliament speaker Julia Kloeckner’s Signal account had been compromised.
Kloeckner is a member of the CDU’s executive committee, whose members — including Merz — reportedly communicate via a Signal chat group, although no irregularities were detected on the chancellor’s phone.
His centre-left coalition partner, the SPD, and the far-left Die Linke have also said “a few” of their lawmakers have fallen victim.
Asked about the issue at a regular press briefing on Friday, a spokeswoman for the interior ministry said the attack is “probably led by a state actor”, adding that official warnings had been issued at the beginning of February and again last week.
Russia-linked hackers have been accused of being behind a string of cyberattacks in Germany.
Earlier this month, Germany intelligence services accused hackers associated with Russian military intelligence of infiltrating internet routers to obtain sensitive information.
The same group has also been accused of targeting air traffic control and of spreading disinformation ahead of last year’s general elections.
German prosecutors Friday launched a spying investigation into phishing attacks targeting lawmakers on the Signal messaging app, with an MP saying the latest Russia-directed plot against Germany was a “wake-up call”.
The wave of attacks has allegedly been directed at MPs from several parties including the speaker of parliament, a senior member of Chancellor Friedrich Merz’s CDU party, as well as civil servants, diplomats and journalists.
Germany, Kyiv’s biggest provider of miliary aid, has been battling a surge of cyberattacks, as well as espionage and sabotage plots since Russia’s full-scale invasion of Ukraine in 2022.
Moscow denies being behind any such actions.
The German Federal Prosecutor’s Office told AFP it had launched an investigation into the phishing attacks “based on an initial suspicion of espionage”.
It did not name Russia or give more details, but suspicion quickly fell on Moscow.
“The latest phishing attempt from Russia targeting German politicians and journalists is a wake-up call for all of us,” said Marc Heinrichmann, a CDU lawmaker who heads a committee overseeing the country’s intelligence services.
The attack makes “painfully clear” that everyone “must remain vigilant,” he said.
“What may seem like a harmless message at first glance could, in today’s world, be a targeted espionage attempt by foreign powers.”
– ‘Extremely worrying’ –
The attacks work by sending messages purporting to come from Signal support.
Victims are urged to hand over sensitive account information, which the attackers can then use to gain access to the victim’s chat groups and messages.
When the scam is successful, the hackers gain access to photos and files shared on Signal and can also impersonate the person whose account was compromised.
Many have moved from WhatsApp to the non-profit Signal in recent years because of privacy concerns after WhatsApp said it would share some metadata with parent company Meta, which also owns Facebook and Instagram.
German and foreign security services have been warning for months about the attacks, but the potential fallout in Germany is only just becoming clear.
CDU lawmaker Konstantin von Notz told AFP that the scale of the suspected attacks was “extremely worrying”.
“At present, no one can say with any certainty whether the integrity of MPs’ communications is still guaranteed,” he said.
Merz’s centre-right CDU party has so far not commented on how many of its lawmakers have been affected.
But earlier this week Der Spiegel news outlet reported that parliament speaker Julia Kloeckner’s Signal account had been compromised.
Kloeckner is a member of the CDU’s executive committee, whose members — including Merz — reportedly communicate via a Signal chat group, although no irregularities were detected on the chancellor’s phone.
His centre-left coalition partner, the SPD, and the far-left Die Linke have also said “a few” of their lawmakers have fallen victim.
Asked about the issue at a regular press briefing on Friday, a spokeswoman for the interior ministry said the attack is “probably led by a state actor”, adding that official warnings had been issued at the beginning of February and again last week.
Russia-linked hackers have been accused of being behind a string of cyberattacks in Germany.
Earlier this month, Germany intelligence services accused hackers associated with Russian military intelligence of infiltrating internet routers to obtain sensitive information.
The same group has also been accused of targeting air traffic control and of spreading disinformation ahead of last year’s general elections.
What is Signal and is it secure?
By AFP
April 25, 2026
Signal has long been a go-to messaging service for users especially concerned about communications secrecy - Copyright AFP Lionel BONAVENTURE
Signal, an end-to-end encrypted messaging app long considered one of the most secure in the world, has recently faced attacks from hackers accused of links to Russia.
Top German officials on Saturday blamed Moscow-backed groups for phishing attacks targeting senior politicians on the messaging app, raising questions about how secure Signal really is.
Similar phishing cases have been reported by Dutch and American users, with Google in February sounding the alarm over cyberattacks from Russia-aligned groups.
But what makes Signal different from other messaging apps, and how could one of the world’s most secure messaging apps be so widely targeted?
– How does it work? –
Signal’s end-to-end encryption means that any sent message travels in a scrambled form and can only be deciphered by the end user.
Nobody in between — not the company providing the service, not the internet provider, nor hackers intercepting the message — can read the content because they don’t have the keys to unlock it.
Signal is not the only messaging service to do this, but unlike WhatsApp and Apple’s iMessage, the app is controlled by an independent non-profit — not a big tech behemoth motivated by revenue. That has won it more trust with those concerned about privacy.
Signal also goes further than WhatsApp on data privacy, making metadata such as when the message was delivered and its recipient invisible even to the company itself.
And WhatsApp shares information with its parent company Meta and third parties, including phone numbers, mobile device information, and IP addresses.
For these reasons, Signal has long been a go-to messaging service for users particularly concerned about communications secrecy, such as people working in security professions, journalists, and their sources.
– Who owns Signal? –
Founded in 2012, Signal is owned by the Mountain View, California-based Signal Foundation.
Its history is linked to WhatsApp: the site was founded by cryptographer and entrepreneur Moxie Marlinspike, with an initial $50 million from WhatsApp co-founder Brian Acton.
Both Signal and WhatsApp, which was bought by Mark Zuckerberg in 2014, are based on the same protocol built by Marlinspike.
“We’re not tied to any major tech companies, and we can never be acquired by one either,” Signal’s website reads. Development is mainly supported by grants and donations.
Very outspoken compared to other Silicon Valley bosses, Signal’s president is Meredith Whittaker, who spent years working for Google and is a fierce critic of business models built on the extraction of personal data.
– Was Signal hacked? –
Signal’s encryption itself has not been broken.
Cyberattackers accused of Russian links did not target the encryption system directly.
Instead, recent attacks relied on phishing — tricking users into handing over access to their accounts.
The attacks work by sending messages purporting to come from Signal support, like fake security alerts or invites to join group chats.
Once users click on these links or enter sensitive account information, attackers can then gain access to messages and chat groups.
This means hackers gain access to data shared on Signal and can also impersonate the person whose account was compromised.
Signal did not immediately respond to requests for comment on the recent attacks.
By AFP
April 25, 2026
Signal has long been a go-to messaging service for users especially concerned about communications secrecy - Copyright AFP Lionel BONAVENTURE
Signal, an end-to-end encrypted messaging app long considered one of the most secure in the world, has recently faced attacks from hackers accused of links to Russia.
Top German officials on Saturday blamed Moscow-backed groups for phishing attacks targeting senior politicians on the messaging app, raising questions about how secure Signal really is.
Similar phishing cases have been reported by Dutch and American users, with Google in February sounding the alarm over cyberattacks from Russia-aligned groups.
But what makes Signal different from other messaging apps, and how could one of the world’s most secure messaging apps be so widely targeted?
– How does it work? –
Signal’s end-to-end encryption means that any sent message travels in a scrambled form and can only be deciphered by the end user.
Nobody in between — not the company providing the service, not the internet provider, nor hackers intercepting the message — can read the content because they don’t have the keys to unlock it.
Signal is not the only messaging service to do this, but unlike WhatsApp and Apple’s iMessage, the app is controlled by an independent non-profit — not a big tech behemoth motivated by revenue. That has won it more trust with those concerned about privacy.
Signal also goes further than WhatsApp on data privacy, making metadata such as when the message was delivered and its recipient invisible even to the company itself.
And WhatsApp shares information with its parent company Meta and third parties, including phone numbers, mobile device information, and IP addresses.
For these reasons, Signal has long been a go-to messaging service for users particularly concerned about communications secrecy, such as people working in security professions, journalists, and their sources.
– Who owns Signal? –
Founded in 2012, Signal is owned by the Mountain View, California-based Signal Foundation.
Its history is linked to WhatsApp: the site was founded by cryptographer and entrepreneur Moxie Marlinspike, with an initial $50 million from WhatsApp co-founder Brian Acton.
Both Signal and WhatsApp, which was bought by Mark Zuckerberg in 2014, are based on the same protocol built by Marlinspike.
“We’re not tied to any major tech companies, and we can never be acquired by one either,” Signal’s website reads. Development is mainly supported by grants and donations.
Very outspoken compared to other Silicon Valley bosses, Signal’s president is Meredith Whittaker, who spent years working for Google and is a fierce critic of business models built on the extraction of personal data.
– Was Signal hacked? –
Signal’s encryption itself has not been broken.
Cyberattackers accused of Russian links did not target the encryption system directly.
Instead, recent attacks relied on phishing — tricking users into handing over access to their accounts.
The attacks work by sending messages purporting to come from Signal support, like fake security alerts or invites to join group chats.
Once users click on these links or enter sensitive account information, attackers can then gain access to messages and chat groups.
This means hackers gain access to data shared on Signal and can also impersonate the person whose account was compromised.
Signal did not immediately respond to requests for comment on the recent attacks.
No comments:
Post a Comment