Russian hackers target WhatsApp accounts of ministers worldwide
Share:
FSB-linked Star Blizzard attempts to lure email recipients to click on QR code that gives access to WhatsApp account. Russian state-linked hackers have targeted the WhatsApp accounts of government ministers and officials around the world with emails inviting them to join user groups on the messaging app.
The WhatsApp tactic marks a new approach by a hacking unit called Star Blizzard. Britain’s National Cyber Security Centre (NCSC) has linked Star Blizzard to Russia’s domestic spy agency, the FSB, and has accused it of seeking to “undermine trust in politics in the UK and likeminded states”.
According to a blogpost by Microsoft, victims receive an email from an attacker impersonating a US government official, enticing the recipient to click on a QR code that gives the attacker access to their WhatsApp account. The code, instead of giving access to a WhatsApp group, connects an account to a linked device or the WhatsApp Web portal.
“The threat actor can gain access to the messages in their WhatsApp account and have the capability to exfiltrate this data,” said Microsoft. Microsoft did not state whether data had been stolen successfully from targeted WhatsApp accounts. It said the fake email was an invitation to join a WhatsApp group on “the latest non-governmental initiatives aimed at supporting Ukraine NGOs”. As well as targeting ministers and officials in unnamed countries, the campaign has attempted to snare people involved in diplomacy, defence policy and international relations research related to Russia, as well as work related to helping Ukraine in its war with Russia.
