Arndt Freytag von Loringhoven, the former vice‑president of Germany’s BND, was among those targeted in a cyberattack that compromised users of the messenger app Signal. In an interview with the “Spiegel” the 69‑year‑old, a trained diplomat who until 2019 oversaw NATO’s intelligence‑cooperation office, said a message that claimed to come from Signal support had reached him. The message demanded his PIN, which he entered and consequently revealed his credentials.
In February the Verfassungsschutz, Germany’s domestic intelligence service, described the global attack as “security relevant”. It was aimed primarily at civil servants, military personnel and journalists, and the magazine reported that high‑ranking German politicians also reported the incident to authorities. Dutch intelligence agencies believe that Russian state actors are behind the operation. They allegedly take over victim accounts, gain access to contacts, and send messages. In Loringhoven’s case, it appears that the attackers lured the contacts of the former BND officer to a website using his name as bait.
After discovering the breach, Loringhoven warned all his contacts and deleted his Signal account. He has said that the incident demonstrates how Russian state actors continue their offensive hybrid campaigns unabated. He has already written about Russian cyber threats in his book “Putins Angriff auf Deutschland” (“Putin’s Attack on Germany”).