Cyber Threats Targeting High-Profile U.S. Users
In a recent revelation, FBI Director Kash Patel disclosed that hackers affiliated with Russian intelligence have been actively targeting the messaging accounts of prominent U.S. individuals. This campaign, which Patel described on March 20, seeks to infiltrate the accounts of those deemed to have “high intelligence value,” including current and former government officials, military personnel, political figures, and journalists.
According to Patel, the FBI has successfully identified the cyber actors behind this operation, which has led to unauthorized access to thousands of accounts worldwide. Once these hackers gain entry, they can not only view private messages and contact lists but also send messages impersonating the victim and engage in further phishing attempts under the guise of a trusted identity.
The @FBI has identified cyber actors associated with Russian Intelligence Services targeting users of commercial messaging applications, including Signal. The campaign targets individuals of high intelligence value, including current and former U.S. government officials,…— FBI Director Kash Patel (@FBIDirectorKash) March 20, 2026
Among the messaging applications under scrutiny, Signal has been specifically mentioned. This follows a 2024 announcement by Russia’s communications regulator, Roskomnadzor, which declared the blocking of Signal along with several other foreign social networks and messaging platforms, citing violations of Russian law.
Adding to the complexity, Dutch intelligence agencies reported on March 9 that Russian hackers had initiated a global cyber campaign aimed at WhatsApp and Signal accounts. The Netherlands’ General Intelligence and Security Service (AIVD) noted that this operation is focused on accessing accounts belonging to dignitaries, military personnel, and civil servants. The campaign employs phishing tactics to trick users into revealing security verification codes and passcodes, thereby compromising their personal accounts and group chats.
In a joint statement, AIVD and the Dutch Military Intelligence and Security Service (MIVD) warned that the Russian hackers have likely accessed sensitive information through these breaches. In response to these threats, Signal acknowledged the targeted phishing attacks that have resulted in some account takeovers.
Since the onset of Russia’s full-scale invasion of Ukraine, the nation’s cyber activities have increasingly pivoted towards more disruptive operations aimed at undermining Ukraine’s Western allies. Cyberattacks have become a pivotal component of Russia’s hybrid warfare strategy, with European governments consistently accusing Moscow of ramping up its cyber operations. These include attacks on Ukrainian systems, breaches of civilian infrastructure across Europe, and attempts to meddle in foreign elections.
