Russia as the suspected mastermind: According to government sources, the German government believes the country is behind the attacks on users of the Signal messaging service from the political, business, and media sectors. Security authorities have now informed those affected by the so-called phishing attack, and officials warn that additional users may have been compromised. Data leakage from affected devices has been halted. Media reports indicate that government members are among those impacted by the attack.
German and international security services have been warning for months about a phishing attack wave aimed at secretly taking over Signal accounts belonging to politicians, officials, diplomats, military personnel, and journalists. According to a spokesperson for the Federal Prosecutor's Office, Federal Prosecutor General Jens Rommel initiated investigations in February on suspicion of espionage.
According to information from Der Spiegel, the hack reaches into the federal government itself. Education Minister Karin Prien (CDU) and Housing Minister Verena Hubertz (SPD) are among those affected, the magazine reported on Saturday without providing details about its sources.
The Signal accounts of both politicians are said to have been compromised, marking a new dimension in the scope of the attack wave. Just last Wednesday, Der Spiegel reported that Bundestag President Julia Klöckner (CDU) was among the victims of the phishing campaign.
A spokesperson for Prien's Education Ministry stated in response to an inquiry from news agency AFP that they cannot provide information on the federal government's communication methods. A spokesperson for Hubertz explained that clear principles apply to the integrity and security of internal and external ministry communication, adding that they fundamentally do not comment on possible or actual security incidents.
On Friday, CDU politician Marc Henrichmann, who chairs the Parliamentary Control Panel (PKGr) in the Bundestag overseeing intelligence services, became the first German politician to clearly hold Russia responsible for the attack wave. "The recent phishing attempt from Russia against German politicians and journalists is a wake-up call for all of us," he declared. "What this attack ruthlessly demonstrates is that we all, whether in public office or in private settings, must remain vigilant."
The attack wave targets not only politicians but also officials, diplomats, military personnel, and journalists. The attacks do not exploit a security vulnerability but rather involve sophisticated fraud attempts in which victims are led to believe they are being contacted by Signal support. When the scheme succeeds, attackers gain access to Signal chats and groups as well as photos and files shared there. They can also impersonate the user whose account has been hacked on Signal.
Signal is operated by the Signal Foundation, a nonprofit organization based in Mountain View, California. The fact that Signal, unlike most competing services, is not run by a profit-oriented company contributes to the trust many users place in the program's data protection.
Messages sent via Signal are secured through end-to-end encryption, meaning the message is encrypted when sent and can only be read by the message recipient. Neither network providers, Signal the company, nor hackers have access to the message content.
Other popular messaging services like WhatsApp and iMessage (available on Apple devices) also offer end-to-end encryption. However, unlike Apple and WhatsApp's parent company Meta, Signal also protects all so-called metadata from chats, including sender and recipient numbers, the time messages are sent, and the IP addresses of devices.
Due to this high security standard, journalists in particular use Signal for exchanges with their sources, as do activists and people working in the security sector, but also members of organized crime.
Bundestag Vice President Andrea Lindholz (CSU) has called on the federal government and Bundestag to discontinue use of the US-based provider Signal. Members of parliament and administrations should completely switch to the European messenger service Wire, Lindholz told Bild newspaper (Monday edition). She stated that phone numbers are not disclosed on Wire, email addresses are not visible, and the security level is "substantially higher."
At the same time, the Bundestag Vice President demanded a Signal ban. "We should consider a Signal ban on official devices of members of parliament and Bundestag staff," Lindholz said. According to her account, Wire protects not only the users themselves but also their contacts better. The Bundestag makes it available for official purposes. "But now everyone must actually use it," the CSU politician said.
From breaking news to thought-provoking opinion pieces, our newsletter keeps you informed & engaged.
