1. Residential Customers
  2. Business Customers
  3. About Swisscom
  4. blue News
  1. My Swisscom
  3. myAI
  4. myCloud
  5. TV
  6. Phone book
EN
Weather
  1. blue News
  1. Entertainment
  1. Sport
Swisscom Services
  1. Phone Book
  3. Web TV
  4. My Swisscom
Swisscom Apps
  1. Swisscom blue News & E-Mail
  2. Swisscom blue TV
  3. Swisscom blue Cinema
  4. Swisscom myAI
  5. Swisscom myCloud
Language
  1. English
  2. Deutsch
  3. Français
  4. Italiano

Russians suspected of being behind attack Huge Signal hack - what you can do now

Martin Abgottspon

26.4.2026

Signal is considered a privacy-oriented messenger and, like Threema, an alternative to WhatsApp.
Signal is considered a privacy-oriented messenger and, like Threema, an alternative to WhatsApp.
Zacharie Scheurer/dpa-tmn/dpa

The German government suspects that Russia is behind attacks on the messenger Signal. What's behind it and what you should look out for.

26.04.2026, 18:15

26.04.2026, 18:20

Email inboxes, internet accounts, messenger apps - all of these can be hacked, with unpleasant consequences. And it can affect everyone, right up to top politicians, as happened to Signal this weekend. Bundestag President Julia Klöckner and two Merz ministers are said to have fallen victim to the attacks.

Blue circle suddenly disappeared. What does this purple flower in WhatsApp do?

Blue circle suddenly disappearedWhat does this purple flower in WhatsApp do?

The German Federal Office for Information Security (BSI) and the Federal Office for the Protection of the Constitution therefore warn against the active phishing campaign and provide answers to the most important questions.

What do the signal phishing messages look like?

The attackers send messages that disguise themselves as official Signal messages. Typical patterns:

- Fake Signal chatbot: a message claims your account has been compromised - and asks you to enter your PIN or re-register.
- QR codes: A link or QR code leads to a fake Signal page. The fake URL may not be immediately apparent on the small cell phone display.
- Cloned AI voices and social engineering: Attackers also use hijacked accounts to exploit the trust of colleagues and contacts and target them.

What should users not do under any circumstances?

Pass on your PIN, registration code or personal data to someone who pretends to be a support, security service or authority via Signal. Signal will never ask you for your PIN in this way.

What should I do if I am affected?

Scenario 1: I received the message but did not respond

That's right. Nevertheless: Delete the message and block the sender. Then activate the registration lock or two-factor authentication (2FA).

Scenario 2: I have entered a code and/or PIN, but still have normal access to my Signal account and have not been forced to log in again

Then step 1: immediately change the Signal PIN via the app settings. Step 2: Delete your Messenger account via the settings in the app (caution: only delete the account, not the app!). Step 3: Create a new Messenger account with a new PIN.

It can be assumed that the attackers may now know your cell phone number - if you find this sensitive for certain reasons and want to be on the safe side, get a new mobile phone number in step 4 and register a new Messenger account with this number.

Step 5: Activate the registration lock, hide the mobile phone number and activate self-deleting messages wherever possible. Step 6: Report and block the alleged Signal support contact.

What's behind it. Ready for free - WhatsApp is now launching a

What's behind itReady for free - WhatsApp is now launching a "Plus" version

Scenario 3: I have entered an SMS code and/or PIN and can no longer access my account.

The worst case - the Messenger account is hacked. The attackers have then taken over the entire account, can view all messages and contacts and impersonate you.

Then: assign a new and previously unused Signal PIN via the app settings. Inform your contacts that all communications from the time of the attack have been read - use a different communication channel (e.g. telephone, email). The account that has been taken over must be blocked by your contacts.

This also applies to groups: The BSI advises to have all accounts as well as possible "deleted accounts" removed from all chat groups and to inform all group members to block the taken over account. It is strongly recommended that chat groups be deleted and recreated; invitation links must be recreated.

The following also applies here: If you want to be on the safe side, get a new mobile phone number and register a new Messenger account with it; and: Activate registration lock, hide mobile number and activate self-deleting messages wherever possible.

Then contact genuine Signal support to have the old "lost" account deleted.

How do you protect yourself?

The right prevention

  • Activate the registration lock: Settings→ Account→ Registration lock. Prevents the account from being taken over on a third-party device.
  • Check linked devices regularly: Settings→ Linked devices. Remove anything unknown immediately. Use self-deleting messages: Limits the damage if attackers gain access. Never give out your PIN or registration code - not even to supposed Signal support.
  • Use strong, unique passwords for all accounts: The BSI has tips on this and on choosing a password manager on its website.
  • Activate two-factor authentication (2FA): The BSI recommends 2FA for all services that support it.
Show more

More from MyTech

Corporate taxes. Switzerland should abolish OECD minimum tax according to HSG study

Corporate taxesSwitzerland should abolish OECD minimum tax according to HSG study

Financing. Swiss crowdfunding market grows again for the first time since 2021

FinancingSwiss crowdfunding market grows again for the first time since 2021

Curiosities. Flowers in gardens are not enough for many insects to survive

CuriositiesFlowers in gardens are not enough for many insects to survive

Made public during Corona. Lauterbach wants to declare a

Made public during CoronaLauterbach wants to declare a "climate pandemic"

Bossard feels the consequences of the Middle East war. Rising freight costs put Swiss industrial group under pressure

Bossard feels the consequences of the Middle East warRising freight costs put Swiss industrial group under pressure