Cybercriminals Target German Political Figures in Phishing Campaign
AI-generated from multiple sources. Verify before acting on this reporting.
BERLIN (AP) — A coordinated phishing campaign targeting high-ranking German political officials has been detected, with cybercriminals using the Signal messaging app to attempt to steal authentication credentials. The attack, identified on April 24, 2026, specifically focused on Bundestag President Julia Klöckner, Chancellor Friedrich Merz, and other lawmakers affiliated with the Christian Democratic Union (CDU). Security officials confirmed the malicious actors sought to obtain PIN codes and other login details to gain unauthorized access to secure accounts.
The campaign utilized deceptive messages sent through Signal, a popular encrypted messaging platform, designed to mimic official communications. Recipients were prompted to enter sensitive information under the guise of urgent security updates or administrative requirements. The timing of the intrusion coincides with heightened political activity in Germany, raising concerns about the potential for compromised sensitive communications or data leaks.
Julia Klöckner, who serves as the President of the Bundestag, and Chancellor Friedrich Merz were among the primary targets. Additional CDU lawmakers received similar messages, indicating a broad scope within the party's leadership. The attackers' objective appears to be the extraction of authentication details that could facilitate further intrusions into government systems or personal devices.
German cybersecurity authorities have alerted affected officials and are working to mitigate the threat. No confirmed breaches of sensitive data have been reported as of the latest update, though investigations remain ongoing. The incident underscores the growing sophistication of cyber threats against political infrastructure and the increasing reliance on digital communication channels by public officials.
Signal, known for its end-to-end encryption, has become a frequent target for social engineering attacks due to its widespread adoption among government and corporate leaders. The phishing attempt exploited trust in the platform by impersonating legitimate contacts or organizations. Experts warn that even encrypted channels are vulnerable to human error and deceptive tactics.
The attack raises questions about the adequacy of current cybersecurity protocols within German political institutions. Officials have not disclosed whether any credentials were successfully compromised or if the phishing links were clicked by recipients. Authorities are reviewing communication logs and advising all targeted individuals to change passwords and enable multi-factor authentication where possible.
As investigations continue, the focus remains on preventing further attempts and securing digital infrastructure against similar threats. The incident serves as a reminder of the persistent risks faced by political figures in an increasingly digital landscape. Further details on the origin of the attack and the identity of the perpetrators are expected to emerge in the coming days.