FBI, CISA warn of Russian hackers hijacking Signal and WhatsApp accounts
好的,我现在需要帮用户总结这篇文章的内容。用户的要求是用中文,控制在100字以内,不需要特定的开头,直接写描述即可。 首先,我得通读整篇文章,抓住主要信息。文章讲的是FBI和CISA发布了一个公共安全公告,警告公众有关俄罗斯相关的钓鱼攻击活动。这些攻击的目标是获取Signal和WhatsApp等消息应用的账户访问权限。 接下来,文章提到这些钓鱼活动针对的是政府官员、军事人员、记者等高价值目标。攻击者通过伪装成技术支持或安全机器人来诱骗用户分享验证码或密码。虽然他们没有破解端到端加密,但通过社会工程学绕过了这一层保护。 然后,文章给出了保护账户的安全措施,比如不要轻易相信来自“支持”团队的消息,不要分享验证码或密码,并建议启用额外的安全功能如注册锁和设备变更提醒。 最后,文章还提到了如果怀疑账户被劫持该怎么办,比如重新注册号码、撤销设备链接、警告联系人等。 现在我要把这些信息浓缩到100字以内。重点包括:FBI和CISA警告俄罗斯的钓鱼攻击;目标是Signal和WhatsApp账户;通过伪装技术支持获取访问权限;强调社会工程学而非技术破解;以及建议采取的基本安全措施。 可能的结构是:FBI和CISA警告俄罗斯相关钓鱼攻击针对Signal和WhatsApp账户,通过伪装技术支持获取访问权限。强调社会工程学而非技术破解,并建议采取基本安全措施如不分享验证码、启用额外安全功能等。 这样大概控制在100字左右。 </think> FBI 和 CISA 警告俄罗斯相关钓鱼攻击针对 Signal 和 WhatsApp 账户,通过伪装技术支持获取访问权限。强调社会工程而非技术破解,并建议采取基本安全措施如不分享验证码、启用额外安全功能等。 2026-3-24 13:39:36 Author: securityboulevard.com(查看原文) 阅读量:12 收藏

In a Public Service Announcement (PSA) the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn the public about ongoing Russian-linked phishing campaigns that aim to gain access to messaging accounts.

Earlier this month we wrote about a large‑scale phishing campaign aimed at hijacking Signal and WhatsApp accounts belonging to senior officials, military personnel, civil servants, and journalists.

Now the FBI and CISA have joined European intelligence services in warning that the same tactics are being used in a broader campaign targeting these commercial messaging apps. The goal is not to break end‑to‑end encryption, but to walk straight around it by stealing access to individual accounts.

In our previous article, we focused on warnings from the Dutch intelligence services AIVD and MIVD, which described how Russian state‑backed actors approached high‑value targets via Signal and WhatsApp, posing as “Signal Support”, “Signal Security Bot”, or similar. The PSA demonstrates how the same groups are now running global phishing campaigns against messaging app accounts, with evidence suggesting thousands of compromised accounts worldwide.

It’s important to reiterate that the attackers have not managed to break the apps’ end-to-end encryption. Instead, they are relying on social engineering to get a device added so they can eavesdrop on accounts.

The current targets include current and former US government officials, military staff, political figures, and journalists, but there is nothing to stop the same techniques being reused against businesses and everyday users.

So, while it’s tempting to dismiss this as a problem for diplomats and generals (and the agencies issuing these alerts do mention high‑profile targets first), the techniques scale very easily. Once playbooks like these are public, they tend to be copied by cybercriminals looking for new ways to steal money or accounts.

How to protect your accounts

As the PSA puts it:

“Phishing remains one of the most unsophisticated, yet effective means of cyber compromise, often rendering other protections irrelevant”

This calls asks for basic security measures:

  • Treat unsolicited messages from “Support” inside apps as suspicious by default. Legitimate support for apps like Signal and WhatsApp does not ask you, in a chat message, to send back verification codes, PINs, or passwords.​ If you receive a warning about account problems, do not follow links in the message. Open the app’s settings directly or visit the official website through other means.
  • Never share SMS verification codes or app PINs. SMS codes are there to prove that you control a phone number. Anyone who has the code can pretend to be you. App‑specific PINs or passcodes are there to protect account changes. Giving them away is like handing over the keys to your account. Consider anyone asking for them to be a scammer.
  • Be careful what you discuss and with whom. Both the Dutch and US advisories remind us that even with end‑to‑end encryption, some conversations are too sensitive for commercial chat apps.
  • Use the extra security features these apps offer. Enable options like registration lock, registration PIN and device‑change alerts so that your account cannot be silently re‑registered without an extra secret. Store your PIN in a password manager instead of choosing something easy to guess or reusing a common code, to reduce the chance of social engineering or shoulder‑surfing.
  • Another useful feature is disappearing messages. Short‑timer and disappearing messages reduce how much content is available if an attacker gets into a chat later, or if someone obtains long‑term access to a device or backup. They are not a complete solution, but they can limit the damage.

What to do if you think your account was hijacked

If you suspect an attacker has taken over your messaging account:

  1. Try to re‑register your number in the app immediately to kick out other devices.
  2. Revoke all linked devices and change any app‑specific PINs or lock codes.
  3. Warn your contacts that someone may have impersonated you and ask them to treat recent messages with caution.
  4. Review recent conversations for signs of data theft (for example, shared IDs, documents, or passwords that should now be considered exposed).
  5. Report the incident to the app provider and, where appropriate, to national reporting centers such as the FBI’s Internet Crime Complaint Center (IC3) at ic3.gov or the relevant authority in your country.​

The sooner you act, the smaller the window in which attackers can exploit your account.

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

*** This is a Security Bloggers Network syndicated blog from Malwarebytes authored by Malwarebytes. Read the original post at: https://www.malwarebytes.com/blog/news/2026/03/fbi-cisa-warn-of-russian-hackers-hijacking-signal-and-whatsapp-accounts


文章来源: https://securityboulevard.com/2026/03/fbi-cisa-warn-of-russian-hackers-hijacking-signal-and-whatsapp-accounts/
如有侵权请联系:admin#unsafe.sh