A hacking group with ties to the Russian government has been reportedly attempting to compromise the WhatsApp accounts of staff members at non-governmental organizations providing support to Ukraine, according to a statement from Microsoft Corp.
Research from Microsoft indicates that attackers connected to Russia’s Federal Security Service (FSB) targeted individuals by sending deceptive emails inviting them to join WhatsApp groups. These phishing emails frequently appeared to originate from a US government official and included a QR code that supposedly offered information about initiatives supporting Ukraine amid its ongoing conflict with Russia. Microsoft has not confirmed whether any of these phishing attempts resulted in successful data breaches.
This campaign has been associated with the hacking group known as Star Blizzard, which is believed to be state-sponsored, Microsoft noted. Since October, the US Justice Department, with assistance from Microsoft, has taken action to seize or dismantle 180 websites linked to the group.
A spokesperson for WhatsApp emphasized the platform’s commitment to safeguarding private conversations through end-to-end encryption and advised users to be cautious about clicking on links sent by unknown contacts. The Russian Embassy in Washington has not yet provided a response to inquiries regarding this issue.
In December, the US Cybersecurity and Infrastructure Security Agency (CISA) characterized Star Blizzard as “almost certainly” connected to Russia’s FSB, referencing the group’s history of targeting American and British politicians, researchers, and professionals in the defense sector. CISA detailed that Star Blizzard excels in identifying potential targets on social media, seeking out their professional networks, and creating deceptive email accounts that impersonate trusted contacts.
© 2025 Bloomberg L.P.
(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)
