Russian Hackers Target WhatsApp and Signal Accounts of Government Officials in Global Cyber Campaign
The Hague, Sunday, 26 April 2026.
German officials, including Parliament President Julia Klöckner, fell victim to Russian state hackers who successfully infiltrated at least 300 Signal accounts belonging to political figures. The sophisticated phishing operation gained access to chat histories, files, and phone numbers of dignitaries and military personnel across Europe. Dutch intelligence first identified this global campaign in March 2026, marking an unprecedented escalation in state-sponsored digital espionage targeting encrypted messaging platforms used by government officials worldwide.
Dutch Intelligence Identifies Unprecedented Security Threats
The Dutch intelligence service AIVD has determined that national security threats have reached levels not seen since World War II, with Director-General Simone Smit stating that “in the eighty years that the AIVD and its predecessors have existed, there has never been a threat picture like now” [1]. The agency issued 93 official reports in 2025, representing an increase of 20 reports compared to 2024 [2]. This escalation reflects a complex security environment where threats emerge simultaneously from multiple directions, including state-sponsored cyber operations, terrorist networks, and foreign interference campaigns [3].
How the Russian Cyber Campaign Operates
Russian state hackers employed sophisticated social engineering tactics to compromise encrypted messaging platforms, specifically targeting Signal and WhatsApp accounts of high-ranking officials and military personnel [4]. The attackers posed as employees or chatbots of these messaging services, tricking victims into sharing login verification codes through voice phishing campaigns that sometimes involved building contact over months before deploying malicious links [5]. This methodology allowed the hackers to successfully access chat accounts of several Dutch government employees, obtaining not only message histories but also stored files and contact lists [6]. The campaign’s success rate demonstrates the vulnerability of even encrypted platforms when users fall victim to carefully orchestrated deception tactics.
Scale and Impact of the Infiltration
The scope of the Russian operation extended far beyond the Netherlands, with German intelligence reporting that at least 300 Signal accounts belonging to individuals in the political sphere were compromised [7]. Among the victims was German Parliament President Julia Klöckner, highlighting how the campaign successfully penetrated the highest levels of European government communications [8]. The hackers likely accessed comprehensive digital footprints including chat histories, files, and phone numbers of affected users [9]. German authorities from the Federal Office for the Protection of the Constitution and Information Security informed affected individuals and conducted device checks to halt ongoing data leakage [10].
Russian Aggression and Strategic Objectives
The cyber campaign represents part of Russia’s broader aggressive posture toward European countries throughout 2025, as documented by Dutch intelligence [11]. Russian hackers conducted multiple cyberattacks during this period, including operations targeting the Dutch police force alongside the messaging platform infiltrations [12]. The AIVD and its military counterpart MIVD identified a previously unknown Russian cyber actor called “LAUNDRY BEAR” responsible for stealing contact information from Dutch police officers [13]. Intelligence assessments indicate Russia is investing in cyber sabotage capabilities for potential future conflicts while simultaneously gathering information on Western support for Ukraine and attempting to undermine European unity [14]. Director-General Smit emphasized that “the Russian regime portrayed our freedoms as perverse and threatening and tried to undermine unity within and between European countries” [15].
International Response and Future Implications
The revelation of this cyber campaign prompted coordinated international intelligence sharing, with the AIVD more than doubling its intelligence contributions to the European Union’s Single Intelligence Analysis Capacity in 2025 compared to the previous year [16]. FBI Director Kash Patel confirmed in March 2026 that the bureau had also identified Russian intelligence-linked cyber actors targeting messaging services including Signal [17]. The Dutch findings form part of a broader pattern of Russian cyber aggression that European governments have documented, including attacks on Ukrainian systems and attempts to interfere in foreign elections [18]. This escalation in state-sponsored digital espionage targeting encrypted communications platforms raises significant concerns about the security of diplomatic and government communications, potentially forcing a reassessment of how sensitive information is transmitted and protected in an era of sophisticated cyber warfare.
Bronnen
- www.volkskrant.nl
- www.volkskrant.nl
- www.nu.nl
- eenvandaag.avrotros.nl
- eenvandaag.avrotros.nl
- eenvandaag.avrotros.nl
- www.yahoo.com
- www.yahoo.com
- www.yahoo.com
- www.yahoo.com
- eenvandaag.avrotros.nl
- eenvandaag.avrotros.nl
- eenvandaag.avrotros.nl
- eenvandaag.avrotros.nl
- eenvandaag.avrotros.nl
- eenvandaag.avrotros.nl
- www.yahoo.com
- www.yahoo.com