According to initial information, the wave of attacks is believed to have targeted parliamentarians from multiple parties, including the President of the Parliament, several senior members of the Christian Democratic Union (CDU), as well as officials, diplomats, and journalists. The German Federal Prosecutor’s Office confirmed it has launched an investigation “based on initial suspicions of espionage activity.”

A CDU parliamentarian and Chairman of the committee overseeing German intelligence agencies described this as a serious “wake-up call.” He emphasized that seemingly harmless messages could be deliberate reconnaissance efforts by foreign powers.

The attacks were carried out by sending fake messages impersonating Signal’s support team, tricking users into providing account information. Once they gained access, hackers could read chat content, collect data, images, files, and even impersonate the victims.

In recent years, many users have switched from WhatsApp to Signal due to privacy concerns. However, German and international security agencies have been warning about this type of attack for months.

A CDU parliamentarian said the scale of the incident is “extremely concerning,” while noting that it is not yet possible to confirm whether the integrity of communications among parliamentarians remains assured.

According to German media, the Signal account of the Parliament President is believed to have been compromised. She is a member of the CDU leadership, where leaders, including the Chancellor, use a Signal group to communicate. However, no signs of irregularities have been detected on the Chancellor’s device so far. Several parliamentarians from the Social Democratic Party (SPD) and the Left Party (Die Linke) have also been confirmed as victims.

The German Interior Ministry assessed that the incident “was likely carried out by a state actor,” and stated that warnings were issued as early as February, with the most recent one this past week. In recent years, Germany has faced a continuous series of cyberattacks, espionage activities, and sabotage, with many hacker groups accused of infiltrating networks, attacking air traffic control systems, and spreading disinformation ahead of elections.

Signal messaging app

Signal is an encrypted messaging app launched in 2014 by the Signal Foundation, a nonprofit co-founded by privacy activist Moxie Marlinspike and WhatsApp co-founder Brian Acton. It was developed from the earlier RedPhone and TextSecure projects, focusing on end-to-end encryption for all communications. Widely regarded as a gold standard for privacy, Signal gained millions of users during global concerns over data surveillance and is used by journalists, activists, and governments.

Signal messaging app

Signal is a private messaging app known for its strong end-to-end encryption, developed by the Signal Foundation and the Signal Messenger LLC. It was created in 2014 by security-focused developers, including Moxie Marlinspike and Brian Acton, a co-founder of WhatsApp. The app prioritizes user privacy and is widely used by journalists, activists, and security-conscious individuals.