The Federal Office for the Protection of the Constitution (BfV) has issued an urgent warning to politicians and parties regarding potential information leaks stemming from an active phishing campaign targeting users of the messaging service Signal. According to a warning letter sent on Tuesday to faction leaders of Bundestag parties and their offices, as reported by Der Spiegel, it is believed that “numerous Signal groups within the parliamentary circle are currently being read by attackers almost unnoticed”. The authority stated that “the BfV is already aware of numerous high-profile cases”. However, given the nature of the attacks, they anticipate that the actual number of compromised individuals is likely much higher.
The BfV and the Federal Office for Information Security (BSI) first issued a warning about this threat back in February. The danger involves a fake “Signal Support” account contacting users of the messaging app and prompting them to enter data. Der Spiegel had previously reported that one of those who followed this prompt was the former BND Vice President, Arndt Freytag von Loringhoven.
Despite the multiple warnings, potential victims apparently still do not take the threat seriously enough, according to the German domestic intelligence agency. The office recommends that recipients “review the security measures taken for your party and your mandates in collaboration with your IT specialists”. The most recent “Security Advisory” signed by BfV President Sinan Selen, sent to the political establishment in the capital, included this advice. The BSI has also published a detailed action guide on its website for those who might be affected.
According to Der Spiegel, many potential victims, including journalists alongside politicians, have already reported to the authorities in recent weeks. American and Dutch intelligence services attribute this wave of attacks to Russia.
