Star Blizzard, a Russian-backed phishing group, has targeted WhatsApp accounts by employing a new tactic involving emails and QR codes to access users' messages.
Microsoft noted that this represents a significant departure from Star Blizzard's established tactics, indicating a shift in their operational methods to exploit WhatsApp's vulnerabilities.
The campaign starts with a phishing email posing as a US government official, inviting recipients to join a fake WhatsApp group aimed at supporting Ukraine initiatives.
The attackers leverage a cleverly disguised QR code, which when scanned compromises the WhatsApp account by linking it to the malicious actor's device.
Collection
[
|
...
]