Reuters is reporting that Russia-linked hackers have breached the messaging accounts of officials, journalists, and activists using apps including Signal and WhatsApp, according to a warning issued by the Dutch government. Something that I have covered here in the past.
Authorities say the campaign involved targeted account takeovers that allowed attackers to access private communications and potentially monitor sensitive conversations. The activity highlights how threat actors can gain access to messaging platforms without breaking encryption by compromising accounts or exploiting weaknesses in how applications and devices are trusted.
Mark Mazur, Field CTO, Approov Mobile Security had this to say:
“Account takeover attacks often exploit applications’ failure, particularly messaging applications, to accurately assess the risk of tampered mobile applications and devices.
“Security teams need to treat mobile applications and the devices they run on as potential sources of threats. Cloning and modifying an app downloaded from an app store, on a rooted or jailbroken device is an increasing risk due to AI-powered reverse engineering. RASP, Attestation and cryptographically signed API messages should be used in mobile applications to minimize these risks.”
Having strict policies on the use of personal for business use, as well as using MDM products to manage apps on devices and detect jailbroken devices are some ways to keep users safe. Organizations should look at options like those to mitigate the potential threat that this scenario poses.
Like this:
Like Loading...
Related
This entry was posted on March 11, 2026 at 8:43 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Russia-linked hackers breach Signal and WhatsApp accounts
Reuters is reporting that Russia-linked hackers have breached the messaging accounts of officials, journalists, and activists using apps including Signal and WhatsApp, according to a warning issued by the Dutch government. Something that I have covered here in the past.
Authorities say the campaign involved targeted account takeovers that allowed attackers to access private communications and potentially monitor sensitive conversations. The activity highlights how threat actors can gain access to messaging platforms without breaking encryption by compromising accounts or exploiting weaknesses in how applications and devices are trusted.
Mark Mazur, Field CTO, Approov Mobile Security had this to say:
“Account takeover attacks often exploit applications’ failure, particularly messaging applications, to accurately assess the risk of tampered mobile applications and devices.
“Security teams need to treat mobile applications and the devices they run on as potential sources of threats. Cloning and modifying an app downloaded from an app store, on a rooted or jailbroken device is an increasing risk due to AI-powered reverse engineering. RASP, Attestation and cryptographically signed API messages should be used in mobile applications to minimize these risks.”
Having strict policies on the use of personal for business use, as well as using MDM products to manage apps on devices and detect jailbroken devices are some ways to keep users safe. Organizations should look at options like those to mitigate the potential threat that this scenario poses.
Share this:
Like this:
Related
This entry was posted on March 11, 2026 at 8:43 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.