Russian intelligence-linked hackers are targeting users of popular messaging apps like Signal, gaining access to private messages and impersonating victims in a sweeping global campaign, according to a joint warning from the FBI and U.S. cybersecurity officials.
The FBI and the Cybersecurity and Infrastructure Security Agency said the operation has already compromised thousands of individual commercial messaging app accounts, allowing attackers to read messages, access contact lists and send messages posing as the victim.
FBI Director Kash Patel warned the campaign is targeting individuals of high intelligence value, including U.S. officials, military personnel and journalists, and has already resulted in widespread account compromises.
The agencies emphasized the activity does not involve breaking Signal's encryption. Instead, it relies on tricking users through phishing schemes that pose as messaging app support or send fake security alerts designed to create urgency, prompting users to click malicious links or share verification codes or PINs.
What the Left Is Saying
Progressive cybersecurity advocates and Democratic lawmakers are using the warning to call for greater investment in digital security infrastructure. Senator Ron Wyden of Oregon, who has long advocated for stronger privacy protections, has previously urged tech companies to implement more robust authentication measures to protect users from sophisticated phishing attacks.
The Electronic Frontier Foundation, a digital rights organization, noted that while the attack vector is social engineering rather than encryption breaking, the threat remains serious. The organization has emphasized that users should enable two-factor authentication and be skeptical of unsolicited security alerts.
Former National Security Council officials in Democratic administrations have stressed the importance of public-private cooperation in countering foreign cyber threats, arguing that agencies like CISA need sustained funding to provide timely warnings and guidance to at-risk communities.
What the Right Is Saying
Republican lawmakers are framing the Russian hacking campaign as another example of foreign adversaries exploiting American technology vulnerabilities. Senator Marco Rubio of Florida, a member of the Senate Intelligence Committee, has long advocated for aggressive countermeasures against state-sponsored cyber actors.
Conservative commentators have criticized what they characterize as insufficient oversight of encrypted messaging platforms, arguing that tech companies bear responsibility for protecting users from foreign manipulation. Some have called for legislative requirements that platforms cooperate more readily with law enforcement investigations.
Former Trump administration officials have pointed to the need for stronger offensive cyber operations against foreign intelligence services, arguing that the U.S. must adopt a more proactive stance in disrupting Russian hacking campaigns before they compromise sensitive communications.
What the Numbers Show
According to the FBI and CISA joint public service announcement, the campaign has compromised thousands of individual commercial messaging app accounts. The operation targets specific high-value individuals including U.S. officials, military personnel and journalists.
The agencies clarified that the compromise does not involve breaking the encryption of messaging applications themselves. Instead, attackers use phishing techniques to trick users into revealing verification codes or PINs, allowing the hackers to link their own device to the victim's account.
The FBI has advised users who believe they may have been targeted to report incidents to the Internet Crime Complaint Center. Signal, the encrypted messaging app specifically mentioned in the warning, did not immediately respond to requests for comment.
The Bottom Line
The joint FBI-CISA warning represents a significant public acknowledgment of Russian intelligence targeting American citizens through widely-used messaging platforms. While the attack relies on social engineering rather than cryptographic weakness, the ability to impersonate victims and access private conversations poses serious intelligence risks.
The campaign highlights the ongoing tension between user privacy and security in encrypted messaging platforms. Cybersecurity experts recommend that high-risk users enable all available security features, verify unexpected messages through separate channels, and report suspicious activity to law enforcement.
What to watch: Whether Congress takes up legislation addressing platform security standards, how tech companies respond to the threat notification, and whether additional details emerge about specific victims or ongoing compromises.