Russian Hackers Target Signal and WhatsApp with Fake Bots Stealing Verification Codes


A Sophisticated Phishing Campaign Targets Signal Users with Fake Support Chatbots

A recent warning from European intelligence agencies has highlighted a global cyber campaign targeting users of the encrypted messaging platform Signal. The campaign, attributed to Russia-linked hacking groups, employs social engineering tactics to trick users into divulging security codes, potentially compromising private chats and groups.

Campaign Tactics

According to reports, the attackers impersonate Signal’s support team or technical chatbots, convincing users to share six-digit verification codes or PINs. Once obtained, these codes grant the attackers full control over the accounts, allowing them to access sensitive information, including confidential communications and journalistic sources.

The campaign’s primary tactic involves fake “Signal Support” chatbots. These chatbots send messages to targets, claiming security issues or verification problems with their accounts. The user is then prompted to share the verification code or security PIN, often under the threat of account suspension.

In addition to the fake chatbot tactic, hackers are also exploiting Signal’s “Linked Devices” feature. Users are sent a link or QR code, supposedly to verify their account. However, scanning the QR code or clicking the link allows the attacker’s device to link directly to the victim’s account, enabling them to read messages without needing the password.

Indicators of a Compromised Account

Intelligence agencies have identified potential indicators of a compromised account, including duplicate contacts or familiar numbers appearing as “deleted accounts.” Users are advised to be cautious of such signs and take immediate action to secure their accounts.

Expert Insights

Experts emphasize that while end-to-end encryption provides a high level of security, it can be undermined by social engineering tactics. Renowned cybercrime expert Prof. Triveni Singh notes that modern cybercriminals increasingly rely on manipulating human behavior rather than purely technical hacking. Attackers often pose as support agents, bank officials, or technical staff to obtain verification codes and one-time passwords, making even secure platforms vulnerable.

Targeted Groups and Recommendations

The campaign has targeted government employees and journalists in several countries, potentially exposing sensitive diplomatic discussions, security-related information, and confidential sources. As a result, European authorities have issued cyber advisories warning against relying on messaging apps for sharing classified or highly sensitive information.

  • Never share six-digit verification codes or security PINs with anyone, including individuals claiming to be support staff.
  • Avoid scanning unknown QR codes or clicking suspicious links.
  • Enable two-step verification in messaging apps.
  • Regularly review logged-in devices and change security settings if suspicious activity is detected.

In the face of evolving cyber threats, digital awareness and caution remain the most effective defense. As cybercriminals adapt their strategies to focus on deceiving users, it is essential for individuals to remain vigilant and take proactive measures to protect their sensitive information.


