Russian government hackers target Signal accounts in spyware campaign: researcher reveals how

Earlier this year, Donncha Ó Cearbhaill, a security researcher at Amnesty International, received a suspicious message on his Signal account. The message claimed to be from “Signal Security Support ChatBot” and warned of suspicious activity that could lead to a data leak. It demanded a verification code to prevent further access. Ó Cearbhaill, a veteran spyware investigator, instantly recognized this as a phishing attempt. But instead of ignoring it, he turned the tables and launched his own investigation into what turned out to be a widespread campaign by Russian government hackers targeting Signal accounts.

This is not just another phishing story. It is a case study in how state-backed actors exploit trust in encrypted messaging apps to steal sensitive information. Ó Cearbhaill shared his findings exclusively with TechCrunch, revealing the scale and sophistication of the operation. In this article, we break down how the attack worked, who was targeted, and what you can do to protect your Signal account.

How the phishing attack on Signal accounts worked

The hackers impersonated Signal’s official support team, sending messages that warned of fake security threats. The goal was simple: trick victims into entering a verification code that would link their Signal account to a device controlled by the attackers. This technique, known as “device linking,” allows hackers to read all messages and access contacts without needing to crack encryption.

Ó Cearbhaill noted that the attackers used a tool called “ApocalypseZ” to automate the process. This system enabled them to target thousands of users simultaneously with minimal human oversight. The interface and codebase were in Russian, which aligns with previous warnings from CISA, the UK’s National Cyber Security Centre, and Dutch intelligence, all of which attributed similar campaigns to Russian government hackers.

Who was targeted in this Russian hacking campaign?

Ó Cearbhaill discovered that he was one of more than 13,500 targets. The list included journalists he had worked with, as well as a colleague at Amnesty International. He believes the hackers used a “snowball hypothesis” — compromising one victim and then using their contact list to find new targets. “I am convinced I became a target because I was likely in a group chat with someone who got hacked,” he said.

German news magazine Der Spiegel reported that the same group compromised several high-profile politicians in Germany. This highlights the broad scope of the campaign, which targets not only security researchers but also journalists, activists, and political figures. The attackers translated victim chats into Russian, further confirming their state-sponsored nature.

How the researcher turned the tables on the attackers

Instead of panicking, Ó Cearbhaill used his expertise to trace the attack back to its source. He declined to reveal all his methods, fearing it would tip off the hackers. However, he shared that he identified the ApocalypseZ system and monitored the campaign in real time. “Having the attack land in my inbox was too good an opportunity to pass up,” he told TechCrunch.

He also warned that the attacks are ongoing, meaning the total number of targets is likely much higher than the 13,500 he observed earlier this year. He expects the hackers to avoid targeting him again, but he remains vigilant. “I welcome future messages, especially if they have zero-days they would like to share,” he joked, referring to unknown security flaws.

Protecting your Signal account from phishing attacks

If you are a Signal user, you can take immediate steps to defend against similar attacks. The most important measure is enabling Registration Lock. This feature requires a PIN to register your phone number on a new device, blocking hackers from hijacking your account even if they trick you into sharing a verification code.

Additionally, never share verification codes with anyone, even if they claim to be from Signal. The app’s official support team will never ask for such information. Always verify the sender’s identity before responding to security alerts. For more tips, check out our guide on how to secure your Signal account.

The bigger picture: Russian government hackers and encrypted apps

This campaign is part of a broader trend of state-backed actors targeting encrypted messaging platforms. Signal, known for its strong privacy protections, is a prime target because it is used by journalists, activists, and government officials. The Russian hacking group behind this attack has been linked to previous operations against Ukrainian military personnel and dissidents.

As Ó Cearbhaill’s investigation shows, even experienced security researchers can become targets. The key is to stay informed and use available security features. By enabling Registration Lock and remaining cautious of phishing attempts, you can significantly reduce your risk. For more on this, read our analysis of state-sponsored phishing campaigns.

In conclusion, the campaign against Signal users by Russian government hackers is a stark reminder that no app is immune to targeted attacks. However, with the right precautions, you can protect your account and your data. Stay alert, stay safe.

OpenAI confirms data breach after supply chain attack on TanStack

Earlier this week, a wave of supply chain attacks hit multiple open source projects, affecting dozens of companies. Among them, OpenAI has now confirmed that hackers stole some internal source code data from its systems. The OpenAI data breach was linked to a malicious campaign targeting the widely used library TanStack.

On Wednesday, the artificial intelligence giant disclosed that two of its employees had their devices compromised during the attack. According to a blog post, an internal investigation revealed unauthorized access to a limited set of internal source code repositories. However, the company reassured users that no customer data or production systems were affected.

How the TanStack attack led to the OpenAI data breach

The incident began on Monday when TanStack, a popular open source library for building web applications, revealed it had been hijacked. Attackers published 84 malicious versions of the software within a six-minute window. A researcher detected the intrusion within 20 minutes, but the damage had already begun.

These malicious updates contained malware designed to steal credentials from infected systems. The malware could also self-propagate, spreading across networks to reach other machines. OpenAI confirmed that the compromised employee devices were part of this broader supply chain attack.

As a result, hackers gained access to a small portion of internal source code repositories. The stolen data included digital certificates used to sign OpenAI’s products. In response, the company is rotating these certificates as a precaution, which will require macOS users to update the app.

What was stolen and what remains safe

OpenAI stated that only limited credential material was taken from the affected code repositories. The company found no evidence that user data, production systems, or intellectual property were compromised. Additionally, no software was altered during the attack.

“We have found no evidence of compromise or risk to existing software installations,” the company wrote. This means that current users of OpenAI’s products are not at immediate risk. However, the incident highlights the ongoing vulnerabilities in the software supply chain.

For more on how companies protect against such threats, check out our guide on supply chain security best practices.

Who is behind this supply chain attack?

It remains unclear which group orchestrated the TanStack attack. Some past supply chain hacks have been attributed to a hacking gang known as TeamPCP, which itself was previously targeted by other hackers. However, other groups have used similar tactics.

In March, North Korean hackers hijacked Axios, another open source development tool, and pushed malware that could have infected millions of developers. Similarly, in May, Chinese hackers were accused of targeting thousands of Windows computers running Daemon Tools, a disc-imaging software.

These attacks rely on taking over open source projects and distributing malware disguised as routine updates. This approach allows attackers to compromise multiple targets with a single hack, spreading damage across the internet. As supply chain attacks become more common, companies must remain vigilant.

How to protect your organization from similar threats

Organizations can reduce their risk by implementing strict access controls and monitoring for unusual activity. Regularly rotating digital certificates and using multi-factor authentication are also effective measures. Additionally, keeping software updated and verifying the integrity of third-party libraries can help prevent similar incidents.

For further reading, explore our article on open source security risks and how to mitigate them.

In conclusion, while the OpenAI data breach was limited in scope, it serves as a reminder of the interconnected nature of modern software development. As hackers continue to target open source ecosystems, companies must prioritize security at every level.

NPM Supply Chain Attack Spreads Like Worm in Developer Ecosystem

A fresh wave of malicious npm supply chain attack activity is targeting developers, using a worm-like propagation method to steal credentials and compromise multiple projects. According to new findings from cybersecurity firm Socket, the attack mirrors earlier worm-style campaigns that leveraged blockchain-hosted infrastructure for command and control (C2). This time, the malware is spreading through popular npm packages, putting thousands of developers at risk.

How the NPM Supply Chain Attack Works

The malicious packages, identified as multiple versions of @automagik/genie and pgserve, are designed to execute harmful code during installation. Once installed, the malware scans the infected system for sensitive data stored in environment variables and configuration files. Targeted information includes cloud credentials, CI/CD tokens, SSH keys, and local developer artifacts such as .npmrc files and shell histories.

As a result, the attack goes beyond simple credential theft. It also attempts to access browser-stored data and cryptocurrency wallets, including Chrome profiles and extensions like MetaMask and Phantom. This dual focus on both developer tools and financial assets makes it particularly dangerous.

Worm-Like Propagation and Ecosystem Spread

A key feature of this npm supply chain attack is its ability to self-propagate. The malware extracts npm tokens from the infected system, identifies accessible packages, injects malicious code into them, and republishes them under the compromised developer’s identity. This allows the attack to spread rapidly across the npm ecosystem, infecting other projects that depend on those packages.

Building on this, the malware also includes functionality to propagate via Python’s PyPI repository. It generates malicious packages using .pth file injection when credentials are present, extending its reach beyond the JavaScript ecosystem.

Exfiltration Through Multiple Channels

Data exfiltration occurs through two distinct channels: a standard HTTPS webhook and an endpoint hosted on the Internet Computer Protocol (ICP). The malware can encrypt stolen data using AES-256 and RSA methods, though it also supports plaintext fallback. This dual-channel approach makes detection more challenging for security teams.

Similarities to Previous Campaigns

Researchers have observed strong similarities between this campaign and earlier attacks linked to the TeamPCP group. These include the use of post-install scripts and canister-based infrastructure on the ICP network. However, the exact source of the compromise remains under investigation, leaving the possibility that legitimate projects were hijacked.

For instance, some affected packages show active usage, with one package recording over 6,700 weekly downloads. Inconsistencies between npm releases and Git tags further raise suspicion, suggesting that attackers may have gained access to maintainer accounts or repository credentials.

Protecting Your Development Environment

To defend against this npm supply chain attack, developers should take immediate action. First, audit your project dependencies for any use of @automagik/genie or pgserve. Second, rotate all npm tokens and review repository access permissions. Third, enable two-factor authentication on all package management accounts.

Additionally, consider using package scanning tools that detect malicious code during installation. Socket offers real-time protection against supply chain attacks, and similar tools can help identify suspicious behavior early.

What to Do If Compromised

If you suspect your system is infected, immediately revoke all exposed credentials and tokens. Change passwords for linked accounts, and scan your development machines for malware. Finally, report any suspicious packages to the npm security team to help contain the spread.

As the situation evolves, researchers at Socket warn that additional malicious versions are continuing to emerge. The full scope of the attack is not yet confirmed, but the worm-like propagation mechanism makes this one of the most concerning supply chain threats in recent months.

For more insights on similar threats, read our guide on Malicious Machine Learning Model Attack Discovered on PyPI.