Attackers affiliated with Russia’s Federal Security Service sent phishing emails to specific targets asking them to join WhatsApp groups to learn more about the work of non-governmental organizations providing assistance to Ukraine.
Attackers affiliated with Russia’s Federal Security Service sent phishing emails to specific targets asking them to join WhatsApp groups to learn more about the work of non-governmental organizations providing assistance to Ukraine.
As noted in the Microsoft study, phishing messages often came from a US government official and contained a QR code that purportedly provided details about initiatives aimed at supporting Ukraine.
Microsoft did not say whether any of these attempts resulted in successful account breaches and data being obtained by hackers.
According to Microsoft, these cyberattacks were linked to the Star Blizzard hacking group, which is likely supported by the Russian state.
In a statement on the matter, a WhatsApp representative noted that the company protects private conversations with end-to-end encryption, but urged users to only follow links they receive from people they know and trust.
The US Cybersecurity and Infrastructure Security Agency (CISA) said in December that the Star Blizzard group was «almost certainly» linked to Russia’s FSB.
According to CISA, Star Blizzard specializes in researching potential targets on social media, finding their professional contacts, and creating email accounts that masquerade as their trusted partners.
As dev.ua reported, Microsoft reported a 2.75-fold increase in ransomware attacks compared to the previous year.
Microsoft Threat Intelligence also recorded that the Russian hacking group Midnight Blizzard is sending thousands of phishing emails targeting government and non-governmental organizations, IT service providers, academia, and defense.
