Skip to content
Briefings are running a touch slower this week while we rebuild the foundations.See roadmap
AIVD
OrganisationNL

AIVD

Dutch General Intelligence and Security Service, which co-issued the joint advisory warning of state-linked QR-code attacks on Signal and WhatsApp.

Last refreshed: 17 April 2026 · Appears in 1 active topic

Key Question

Why are Dutch and UK intelligence agencies jointly warning about Signal QR codes?

Timeline for AIVD

#223 Apr

Signed 16-agency joint advisory on China-nexus covert networks

Cybersecurity: Threats and Defences: Sixteen agencies put IOC extinction in print
#222 Apr

Mentioned in: NCSC ships SilentGlass, its first commercial product

Cybersecurity: Threats and Defences
#131 Mar

Co-issued advisory with NCSC on 9 March and 31 March 2026 on state-linked targeting of Signal and WhatsApp accounts

Cybersecurity: Threats and Defences: Signal, WhatsApp hit by three states
View full timeline →
Follow Cybersecurity: Threats and Defences
Common Questions
Why did Dutch intelligence warn about Signal attacks?
AIVD and the UK NCSC co-issued an advisory on 9 March 2026 warning that Russia's FSB, China's APT31 and Iran's IRGC are using malicious QR codes and contact impersonation to hijack Signal, WhatsApp and Messenger accounts of high-risk individuals.Source: AIVD / NCSC joint advisory
What is the AIVD?
AIVD is the Netherlands' General Intelligence and Security Service, responsible for domestic counterintelligence, counterterrorism and cyber threat assessment.

Background

AIVD co-issued a joint advisory with the UK NCSC on 9 March 2026 warning that state-linked actors, including Russia's FSB Star Blizzard, China's APT31 and Iran's IRGC, are using malicious QR codes and contact impersonation to compromise Signal, WhatsApp and Facebook Messenger accounts of politicians, journalists, academics and lawyers. Both agencies recommended passkeys and a device audit as mitigations.

AIVD, the Algemene Inlichtingen- en Veiligheidsdienst, is the Netherlands' domestic intelligence and security service responsible for counterintelligence, counterterrorism and cyber threat assessment. It publishes threat advisories in coordination with European and Five Eyes partners and has been particularly active on Russian and Chinese state actor attribution in recent years.

The joint NCSC-AIVD advisory is notable as a coordinated European counterintelligence response to a cross-border messaging-platform campaign rather than a national-level advisory. For Dutch and UK civil-society targets in the advisory's scope, the message from both agencies is that passkey adoption is now a state-security recommendation, not a convenience feature.