The media have recently reported repeatedly on phishing attacks carried out via the messaging services WhatsApp and Signal. These attacks, which are believed to be orchestrated by state actors, appear to be specifically targeting high-ranking figures in politics, business, the military, public administration and diplomacy. The Ministry of the Interior of North Rhine-Westphalia is currently warning of an intensification of this campaign and assumes that, in addition to the federal level, the state level is also affected. It is assumed that there is a high number of unreported cases of compromised Signal accounts, through which Signal groups and direct messages may have been or are still being accessed.
If you have forwarded security codes in the messenger or scanned a QR code, you may be affected. The BSI provides detailed information, particularly on how to detect a potential compromise, at https://www.bsi.bund.de/dok/phishing-signal-support or https://www.bsi.bund.de/dok/phishing-messengerdienste.
This is not a compromise of the Signal messenger itself. Signal therefore continues to be classified as secure (for private use).

In this context, the Ministry of the Interior of North Rhine-Westphalia also warns against using the Russian messaging service MAX. This app provides Russian security authorities with maximum access to digital devices. If you install the MAX app on your own device, you must therefore expect all stored information to be passed on to the Russian security authorities. You should therefore not install this app on devices on which you process work-related data.