Russian Intelligence Services Target Commercial Messaging Application Accounts
CISA and FBI warned of ongoing phishing campaigns by Russian Intelligence Services targeting commercial messaging application accounts of U.S. government officials, military personnel, political figures, and journalists. Attackers have successfully compromised thousands of individual CMA accounts to access messages, contact lists, and launch secondary phishing attacks, though the applications' encryption itself remains unbroken.
Summary
CISA and FBI warned of ongoing phishing campaigns by Russian Intelligence Services targeting commercial messaging application accounts of U.S. government officials, military personnel, political figures, and journalists. Attackers have successfully compromised thousands of individual CMA accounts to access messages, contact lists, and launch secondary phishing attacks, though the applications' encryption itself remains unbroken.
Full text
EXTERNAL Russian Intelligence Services Target Commercial Messaging Application Accounts Publish DateMarch 20, 2026 Public Service Announcement Related topics: Cybersecurity Best Practices CISA and the Federal Bureau of Investigation released a Public Service Announcement (PSA) warning about ongoing phishing campaigns by cyber actors associated with the Russian Intelligence Services targeting commercial messaging applications (CMAs). These campaigns aim to bypass encryption to compromise to individual user accounts with targets including current and former U.S. government officials, military personnel, political figures, and journalists. Evidence shows that cyber actors have been able to compromise individual CMA accounts, but not encryption of the applications themselves. The actors’ global campaigns have resulted in unauthorized access to thousands of individual CMA accounts to view the victims’ messages and contact lists, send messages, and conduct additional phishing against other CMA accounts. CISA and FBI urge CMA users to review the PSA, follow recommended cybersecurity practices, and remain vigilant for suspicious activity. Tags Language: English Topics: Cybersecurity Best Practices Related Resources Feb 10, 2026 Publication Barriers to Secure OT Communication: Why Johnny Can’t Authenticate Exercise Cyber Storm X: National Cyber Exercise Feb 05, 2026 Fact Sheet, Publication Reducing the Attack Surface for End-of-Support Edge Devices Jan 14, 2026 Secure Connectivity Principles for Operational Technology (OT)
Indicators of Compromise
- mitre_attack — T1566.002
- mitre_attack — T1621