A growing cyber-espionage campaign linked to Russia is targeting users of encrypted messaging platforms such as WhatsApp and Signal, according to warnings issued by the United Kingdom’s National Cyber Security Centre (NCSC).
The advisory highlights a surge in social engineering attacks aimed at “high-risk individuals”, including government officials, journalists, and professionals handling sensitive information. Attackers are attempting to gain access not by breaking encryption, but by deceiving users into sharing login credentials, verification codes, or linking their accounts to malicious devices.
Common tactics include impersonating trusted contacts or support services, sending phishing links or QR codes, and covertly joining group chats to monitor conversations. In some cases, hackers add victims’ accounts to their own devices, enabling access to private messages without detection.
Cybersecurity agencies across Europe and the United States have reported that thousands of accounts may already have been compromised in what appears to be a coordinated global campaign.
Authorities emphasise that the attacks exploit human vulnerability rather than technical flaws in the apps’ encryption systems. Users have been urged to enable multi-factor authentication, verify linked devices, and avoid sharing sensitive information over messaging platforms to mitigate risks.
