FBI & CISA Alert: Russian SIM‑Swap Hijacks of Signal and WhatsApp

The FBI and CISA released a joint advisory warning that Russian state‑aligned cyber‑espionage groups are conducting sophisticated SIM‑swap attacks to hijack user accounts on Signal and WhatsApp. By compromising the victim’s mobile number, the attackers can take control of the messaging apps, bypassing end‑to‑end encryption and gaining access to real‑time communications, contact lists, and authentication codes.

Defenders must treat this as a high‑impact threat to both corporate and personal communications. Successful hijacks enable attackers to read confidential messages, impersonate users, and inject malicious links, potentially leading to credential theft and broader network compromise. Organizations should monitor the published indicators of compromise, enforce carrier‑level alerts for number porting, apply multi‑factor authentication that does not rely solely on SMS, and educate users about the signs of SIM‑swap activity. Implementing these mitigations will reduce the attack surface and help contain the espionage campaign.

Categories: Threat Intelligence, Identity & Access Management

Source: Read original article