Hackers linked to the Russian state have targeted the WhatsApp accounts of government ministers and officials around the world with emails inviting them to join user groups on the messaging app.
It is learned that the tactic used marks a new approach by a hacking unit called Star Blizzard.
Britain's National Cyber Security Centre (NCSC) has linked Star Blizzard to Russia's domestic spy agency, the FSB, and accused it of seeking to "undermine trust in politics in the UK and like-minded states."
According to a blog post from Microsoft, "victims" receive an email from an attacker impersonating a US government official, enticing the recipient to click on a QR code that gives the attacker access to their WhatsApp account.
The code, instead of granting access to a WhatsApp group, links an account to a connected device or to the WhatsApp web portal, it writes. the Guardian, the Telegraph reports.
"The threat actor could gain access to messages in their WhatsApp account and have the ability to exploit this data," Microsoft said.
But, Microsoft did not state whether data was successfully stolen from the targeted WhatsApp accounts.
The company said the fake email was an invitation to join a WhatsApp group on "the latest non-governmental initiatives aimed at supporting Ukraine."
In addition to targeting ministers and officials in unidentified countries, the campaign has attempted to ensnare people involved in diplomacy, defense policy, and international relations.
In 2023, the NCSC said that Star Blizzard had targeted British MPs, universities and journalists, among others, in an attempt to "interfere with UK politics and democracy."
As part of the 2023 announcement, the United Kingdom imposed sanctions on two members of Star Blizzard including an officer in the FSB.
Microsoft said the WhatsApp campaign appeared to have been discontinued in November, but Star Blizzard's change of tactics underscored the entity's persistence in using spear phishing - the term for targeting specific individuals or groups with malicious emails - to obtain sensitive information.
It is reported that the increasingly popular practice of using QR codes by cybercriminals is called "quishing" in the cybersecurity community.
Microsoft recommended that email users belonging to sectors targeted by Star Blizzard should "always remain vigilant" when dealing with emails, especially messages containing external links.
"When in doubt, contact the person you think is sending the email using a known, previously used email address to verify that the email was indeed sent by them," Microsoft explained.
WhatsApp, which is owned by Facebook's parent company Meta, is an end-to-end encrypted app, meaning that only the sender and recipient of a message can see it, unless the user is tricked into giving it access to their account. /Telegraph/
Promo
Advertise herePrigozhin - Putin war
More
A day ago he announced "the world's smartest artificial intelligence", Elon Musk keeps his promise - today Grok 3 is presented

Elon Musk's xAI launches its latest model, the Grok 3

DeepSeek shares user data with TikTok owner ByteDance, South Korea says

Meta plans to build the longest underwater internet cable, it will be 50,000 kilometers and will connect the continents

Grok 3 launches, users share their experience with Elon Musk's 'smartest' chatbot

South Korea removes Deepseek from app stores over privacy concerns

104.5m² comfort - Luxurious apartment with an attractive view for your offices

Invest in your future - buy a flat in 'Arbëri' now! ID-140

Apartment for sale in Fushë Kosovë in a perfect location - 80.5m², price 62,000 Euro! ID-254

Ideal for office - apartment for rent ID-253 in the center of Pristina

Buy the house of your dreams in Pristina - DISCOUNT, grab the opportunity now! ID-123
Most read

"Stay strong and don't stop smiling" - Getinjo's message of support for Gjesti

Ismajli to Newborn: I saved it from our parties – I did not leave a message of Vetevendosje on the monument

Two Rayo Vallecano players agree: We don't know why the goal against Barcelona was disallowed

Munich Security Conference chairman could not hold back tears during farewell speech

Sejdiu: Thaçi has read the declaration of independence, he has not proclaimed it

Elections, five key issues facing Germany's next chancellor