Summary: Russian nation-state actor Star Blizzard has initiated a spear-phishing campaign targeting WhatsApp accounts of individuals in government, diplomacy, and organizations related to Ukraine aid. This campaign marks a tactical shift following the exposure of their previous methods, utilizing social engineering techniques to compromise accounts without malware. Victims are lured through a fake WhatsApp group invitation that ultimately leads to unauthorized access to their messages.
Threat Actor: Star Blizzard | Star Blizzard
Victim: Government officials and organizations | government officials and organizations
Keypoints :
- Star Blizzard impersonates U.S. government officials to send phishing emails.
- The campaign uses a broken QR code to elicit responses from targets.
- Victims are directed to a fake WhatsApp invitation page to link their accounts to the attacker’s device.
- No malware is involved, making detection by antivirus tools challenging.
- Users are advised to verify linked devices on their WhatsApp accounts for security.