SIGNAL phishing targeted Germany’s Bundestag President Julia Klöckner via a fake CDU group chat in a campaign that did not require breaking Signal’s encryption, according to Der Spiegel. The attack aimed at Klöckner’s phone through a Signal group chat linked to CDU officials, with Chancellor Friedrich Merz reportedly included but not compromised and at least one other CDU lawmaker affected.
The methods illustrate social engineering to obtain sensitive information such as PIN codes, rather than exploiting the app’s technical security. European cybersecurity and intelligence agencies had warned earlier this month about a campaign posing as a fake Signal support chatbot, and Germany’s domestic intelligence service had issued a February warning that pointed to similar risks.
Investigators believe the incident is part of ongoing hybrid campaigns linked to Russia, highlighting the broader risk to public officials whose communications can reveal strategic information. 24 April 2026