Germany Links Russia to Phishing Attacks on Politicians via Signal Messenger

German government officials have identified Russia as the likely orchestrator behind recent phishing attacks targeting users of the Signal messaging app within Germany's political, business, and media sectors. This development comes amid heightened concerns over cybersecurity risks to high-profile individuals and sensitive communications.

The Federal Prosecutor's office in Germany initially disclosed the wave of phishing attempts, which have affected numerous politicians, military personnel, and journalists. According to sources within the German government, security agencies have already informed the victims of these attacks, halted further data breaches from compromised devices, and launched a formal investigation into the incidents.

Scope and Methods of the Phishing Campaign

Reports indicate that the phishing scheme employed classic social engineering tactics. Attackers impersonated technical support representatives from Signal, convincing victims to grant access to their accounts. Once access was gained, perpetrators used the compromised accounts to propagate further infections through group and private chats by masquerading as the legitimate account owners.

The campaign reportedly affected members across nearly all factions of the Bundestag, journalists, as well as personnel from NATO and the Bundeswehr (German armed forces). Notable victims include Germany's Minister of Education, Karin Prien, Minister of Construction Verena Hubertz, and Julia Klöckner, the Bundestag’s second-highest ranking official and a member of the Christian Democratic Union presidium.

"The recent phishing attempt from Russia targeting German politicians and journalists is a troubling signal for all of us," said Marc Henrichmann, chair of the parliamentary committee overseeing intelligence services. He emphasized the need for vigilance both in official capacities and private life.

While Chancellor Friedrich Merz was also believed to be a potential target, German intelligence agencies conducted a thorough check of his Signal account and found no signs of compromise.

Government representatives declined to comment in detail on communications security. Minister Prien stated she could not disclose information about federal government communication tools, while Minister Hubertz emphasized the importance of maintaining the integrity and security of internal and external ministry communications.

The incident underscores the ongoing cybersecurity threats facing political institutions and the increasing use of popular encrypted messaging platforms as vectors for espionage and cyberattacks. As investigations proceed, German authorities aim to strengthen defenses and raise awareness to protect critical information infrastructure from foreign interference.