Targeted Phishing Leads to Signal Account Takeover of Former German BND Vice President
What Happened – A sophisticated phishing campaign impersonating Signal support tricked former German Federal Intelligence Service (BND) Vice President Arndt Freytag von Loringhoven into revealing his PIN, enabling attackers to hijack his Signal account and send a malicious link to his contacts. The incident is part of a broader wave of account‑takeover attacks against Signal and WhatsApp users in Germany, linked to Russian‑aligned hybrid‑warfare actors.
Why It Matters for TPRM –
- Credential‑based compromises of secure messaging apps can expose sensitive diplomatic and intelligence communications.
- The campaign demonstrates that even end‑to‑end encrypted platforms are vulnerable to social engineering, underscoring the need for robust user education and MFA controls across third‑party vendors.
- Government‑level attacks often cascade to private‑sector partners that share the same communication channels, raising supply‑chain risk.
Who Is Affected – Government agencies, intelligence services, political offices, and any organization whose personnel rely on Signal or WhatsApp for confidential communications.
Recommended Actions –
- Verify that all high‑risk users have enabled two‑factor authentication (2FA) on messaging apps and enforce PIN complexity.
- Conduct an immediate account audit for “paired devices” and unknown sessions; purge any unauthorized devices.
- Deliver targeted phishing‑awareness training to executives and security‑clearance holders.
- Review contractual security clauses with messaging‑app providers to ensure rapid incident‑response support.
Technical Notes – Attack vector: targeted phishing (social engineering) that harvested the victim’s Signal PIN. No vulnerability in Signal’s encryption or infrastructure was identified; the compromise stemmed from user credential theft. Data types potentially exposed include contact lists, metadata, and any messages sent before the account was reclaimed.
Source: Security Affairs