Dutch Intelligence Warns: Hackers Hijacking Signal and WhatsApp Accounts via Social Engineering
Dutch intelligence agency warns hackers are stealing user accounts by tricking users into sharing verification codes or linking malicious devices. Additionally, reports suggest hackers may have breached FBI wiretap network via supply chain attack.
In March 2026, Dutch intelligence agency (MIVD) issued an urgent warning: hackers are stealing users' Signal and WhatsApp accounts through social engineering attacks. Attack methods include tricking users into sharing verification codes or luring users to link accounts to malicious devices.
Account Hijacking Methods
According to the Dutch intelligence agency's warning, attackers' main methods include:
Verification code phishing: Posing as official services to trick users into sharing SMS verification codes
Device linking deception: Convincing users to link accounts to attacker-controlled devices
Social engineering: Exploiting trust relationships or emergency situations to induce user actions
Verification code phishing: Posing as official services to trick users into sharing SMS verification codes
Device linking deception: Convincing users to link accounts to attacker-controlled devices
Social engineering: Exploiting trust relationships or emergency situations to induce user actions
Once an account is compromised, attackers can view message history, send messages, and even conduct further fraudulent activities.
FBI Wiretap Network Possibly Breached
More concerning, reports suggest hackers may have breached the FBI's wiretap network through a supply chain attack. This incident exposes potential vulnerabilities in law enforcement cybersecurity systems.
Previously, U.S. law enforcement relied on communication surveillance systems for criminal investigations, but if such systems themselves are compromised by hackers, the consequences could be devastating. Security experts are calling for relevant departments to strengthen security protection of critical infrastructure.
How to Protect Your Accounts
Security experts recommend users take the following measures:
Enable two-factor authentication: Add extra protection layer to accounts
Be wary of verification code requests: Official agencies won't ask for verification codes via phone or SMS
Regularly check devices: Review account-linked devices and promptly remove unknown ones
Use official apps: Download communication apps from official channels
Enable two-factor authentication: Add extra protection layer to accounts
Be wary of verification code requests: Official agencies won't ask for verification codes via phone or SMS
Regularly check devices: Review account-linked devices and promptly remove unknown ones
Use official apps: Download communication apps from official channels
Reference: Malwarebytes, The Hacker News