Skip to content
logo The magazine for digital lifestyle and entertainment
Data protection Messenger News Security All topics
Attack From Russia

FBI Sounds the Alarm: Thousands of Messenger Accounts Already Compromised

Authorities See Rising Risk for Messenger Users
Authorities See Rising Risk for Messenger Users Photo: Getty Images
Share article
Rita Deutschbein
Managing Editor

July 1, 2026, 12:35 pm | Read time: 3 minutes

The U.S. security agencies FBI and CISA (Cybersecurity and Infrastructure Security Agency) have updated their warning about ongoing phishing attacks targeting users of commercial messaging services, particularly Signal. The campaigns now focus on recovery keys for messenger backups. Sharing your recovery key can give attackers long-term access to your account and stored messages.

Several groups linked to Russian intelligence services continue to target individuals of particular interest for espionage, according to the FBI and CISA. These include current and former government officials from the U.S. and other countries, military personnel, politicians, journalists, and key figures in Ukraine. According to the agencies, individual user accounts have been compromised, but not the messaging services or their end-to-end encryption.

Attackers Target Backup Keys

The perpetrators send messages that appear to come from the customer service of the respective messenger provider. In addition to confirmation codes and security PINs, they are now also trying to obtain recovery keys for data backups.

If the perpetrators obtain a backup’s recovery key, they can access stored conversations and subsequently take over the affected account. According to the FBI and CISA, a disclosed recovery key remains usable even if the user later sets up a new account with the same phone number on the messenger.

Authorities Recommend Special Caution

To prevent further use of a compromised key, affected individuals should generate a new recovery key in their account settings. This will invalidate the previous key for future backups. However, already downloaded data backups cannot be retroactively protected this way.

For the Signal messenger, this works as follows:

  1. Open Signal and go to Settings.
  2. Select the Backups menu item.
  3. Create a new recovery key.
  4. Securely store the new key and replace the previous one.

Also of interest: FBI can’t bypass Apple’s lockdown mode on iPhone

The FBI and CISA also point out that legitimate support departments use only official email addresses. They would neither request confirmation codes in chat nor send links for account verification or recovery. According to the agencies, the campaigns have already enabled unauthorized access to thousands of messenger accounts. Attackers were able to view messages and contact lists, send messages in the victims’ names, and prepare further phishing attacks. German politicians have also been targets of such attacks. Among those affected is Bundestag President Julia Klöckner. Her case became known in April.

This article is a machine translation of the original German version of TECHBOOK and has been reviewed for accuracy and quality by a native speaker. For feedback, please contact us at info@techbook.de.

You have successfully withdrawn your consent to the processing of personal data through tracking and advertising when using this website. You can now consent to data processing again or object to legitimate interests.