Hackers Target Diplomats via WhatsApp in New Phishing Campaign

Russian hacking group Star Blizzard is targeting high-value diplomats and officials with a phishing campaign that exploits WhatsApp. By deceiving victims into linking their WhatsApp accounts to the hackers' devices, the group gains unauthorized access to private messages.

  • High-profile individuals in government, diplomacy, defense, international relations, and Ukraine aid organizations are being targeted.
  • Hackers impersonate U.S. government officials and send phishing emails.
  • Victims receive emails with fake invitations to join WhatsApp groups related to Ukraine support initiatives.

  • Emails contain a broken QR code to trick victims into asking for a functional link.
  • Hackers send a malicious QR code that links their device to the victim's WhatsApp account.

  • Once linked, hackers can read and export private messages using browser plugins.
  • No malware is used, making this attack difficult for antivirus tools to detect.
  • To stay safe:
    - Avoid clicking on suspicious links in emails.
    - Verify the authenticity of group invitations.
    - Regularly check WhatsApp’s "Linked Devices" option and log out of unrecognized devices.

Star Blizzard's new phishing campaign highlights the evolving tactics of cybercriminals. This attack relies entirely on deception, showing the importance of staying alert. Net Protector Cyber Security urges users to practice caution with unsolicited messages and regularly monitor their account settings. Proactive measures are key to staying safe from such threats.