FBI Director Kash Patel revealed on Friday that Russian hackers have been targeting U.S. officials and other high-profile individuals via the encrypted messaging platform Signal, compromising “thousands” of accounts.
Patel stated, “We have identified cyber attackers linked to Russian intelligence agencies focusing on users of commercial messaging applications, including Signal.”
He further explained that this operation is aimed at people of considerable intelligence value, which includes current and former U.S. government officials, military personnel, politicians, and journalists. “Worldwide, this initiative has led to unauthorized access to thousands of personal accounts,” Patel noted.
He cautioned that these Russian attackers can read messages, access contact lists, send messages as if they were the victims, and execute phishing schemes using the compromised accounts.
A public service announcement provided additional details on the threat, highlighting that while the attackers are particularly focusing on Signal accounts, similar tactics can be employed against other commercial messaging platforms.
Russian hackers infiltrate accounts by sending messages that appear automated, which can deceive targets into taking actions like clicking a link or sharing a verification code or account PIN.
If a user unwittingly follows through with these requests, a “complete account takeover” could occur, as warned by both the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) in their public service announcement.
The National Security Agency (NSA) had previously alerted the Department of the Army about the dangers of using Signal, especially concerning threats posed by Russian hacker groups actively targeting the application. Reports indicated that last year, several officials from the Trump administration, including Vice President J.D. Vance and Army Secretary Pete Hegseth, were using the app to communicate about military operations against Houthi rebels in Yemen. Unfortunately, these group chats were inadvertently shared with journalists.
