THE UK’s National Cyber Security Centre (NCSC) has warned of an uptick in targeted attacks against individuals using messaging apps such as WhatsApp, Facebook Messenger and Signal. According to the NCSC, there has been “growing malicious activity from Russia-based actors using messaging apps to target high-risk individuals,” including people in government, academia, journalism and the legal profession.
The agency notes that these attacks are attributed to hacking groups linked to the Russian FSB, and it has previously disclosed similar activity by China state‑affiliated group APT31 and hackers linked to Iran’s Islamic Revolutionary Guard Corps. The Dutch intelligence service has also warned of Russian hackers targeting WhatsApp and Signal accounts.
Techniques include sending malicious links and QR codes to steal credentials or install malware, tricking users into sharing login details or recovery codes, joining group chats undetected, and impersonating known contacts to mount social‑engineering attacks. The NCSC advises actions such as not sharing sensitive information via messaging apps, using corporately provided services for work, avoiding unexpected QR codes, enabling MFA, and regularly checking linked devices and group memberships.