Germany launches spying probe into Signal attacks targeting MPs / Photo: John MACDOUGALL - AFP
Germany launches spying probe into Signal attacks targeting MPs
German prosecutors Friday launched a spying investigation into phishing attacks targeting lawmakers on the Signal messaging app, with an MP saying the latest Russia-directed plot against Germany was a "wake-up call".
The wave of attacks has allegedly been directed at MPs from several parties including the speaker of parliament, a senior member of Chancellor Friedrich Merz's CDU party, as well as civil servants, diplomats and journalists.
Germany, Kyiv's biggest provider of miliary aid, has been battling a surge of cyberattacks, as well as espionage and sabotage plots since Russia's full-scale invasion of Ukraine in 2022.
Moscow denies being behind any such actions.
The German Federal Prosecutor's Office told AFP it had launched an investigation into the phishing attacks "based on an initial suspicion of espionage".
It did not name Russia or give more details, but suspicion quickly fell on Moscow.
"The latest phishing attempt from Russia targeting German politicians and journalists is a wake-up call for all of us," said Marc Heinrichmann, a CDU lawmaker who heads a committee overseeing the country's intelligence services.
The attack makes "painfully clear" that everyone "must remain vigilant," he said.
"What may seem like a harmless message at first glance could, in today's world, be a targeted espionage attempt by foreign powers."
- 'Extremely worrying' -
The attacks work by sending messages purporting to come from Signal support.
Victims are urged to hand over sensitive account information, which the attackers can then use to gain access to the victim's chat groups and messages.
When the scam is successful, the hackers gain access to photos and files shared on Signal and can also impersonate the person whose account was compromised.
Many have moved from WhatsApp to the non-profit Signal in recent years because of privacy concerns after WhatsApp said it would share some metadata with parent company Meta, which also owns Facebook and Instagram.
German and foreign security services have been warning for months about the attacks, but the potential fallout in Germany is only just becoming clear.
CDU lawmaker Konstantin von Notz told AFP that the scale of the suspected attacks was "extremely worrying".
"At present, no one can say with any certainty whether the integrity of MPs' communications is still guaranteed," he said.
Merz's centre-right CDU party has so far not commented on how many of its lawmakers have been affected.
But earlier this week Der Spiegel news outlet reported that parliament speaker Julia Kloeckner's Signal account had been compromised.
Kloeckner is a member of the CDU's executive committee, whose members -- including Merz -- reportedly communicate via a Signal chat group, although no irregularities were detected on the chancellor's phone.
His centre-left coalition partner, the SPD, and the far-left Die Linke have also said "a few" of their lawmakers have fallen victim.
Asked about the issue at a regular press briefing on Friday, a spokeswoman for the interior ministry said the attack is "probably led by a state actor", adding that official warnings had been issued at the beginning of February and again last week.
Russia-linked hackers have been accused of being behind a string of cyberattacks in Germany.
Earlier this month, Germany intelligence services accused hackers associated with Russian military intelligence of infiltrating internet routers to obtain sensitive information.
The same group has also been accused of targeting air traffic control and of spreading disinformation ahead of last year's general elections.
G.Gaillard--JdCdC
