Security experts from the Amnesty International Security Lab have uncovered an attack tool potentially used by state-sponsored Russian hackers targeting users of the messaging service Signal.
According to Donncha Ó Cearbhaill, head of the human rights organization’s lab, the malware is named “Apocalypse Z” and was programmed in Russian. The danger involves phishing messages, which trick users into giving personal data or scanning a QR code, falsely claiming to originate from “Signal Support”. If successful, these attackers can gain access to chats or even take complete control of Signal accounts. Among the reported victims are prominent German figures, including former Bundestag President Julia Klöckner (CDU), and federal ministers Karin Prien (CDU) and Verena Hubertz (SPD).
The scale of the campaign appears to be far greater than previously understood. Analyzing the attackers’ target database, the Amnesty experts revealed that over 13,700 potential victims were identified during January alone. Ó Cearbhaill noted that his own attempted compromise of his Signal account was registered as number 13,730 in their internal database. Furthermore, screenshots from the malicious program indicate that many of the phishing messages were dispatched using Polish and Dutch phone numbers.
Despite calls from some quarters for a ban on the Signal app, the Amnesty expert strongly advised against such actions, insisting that the service continues to offer excellent security. He stressed that the risk of falling victim to similar sophisticated attacks is not significantly lower on other messaging platforms.
