The Power Within: The Kyiv Independent’s first-ever magazine. Be among the first to get it.

pre-order now
Skip to content
Edit post

Russian hackers target WhatsApp in new tactic, Microsoft warns

by Abbey Fenbert January 17, 2025 7:25 AM 2 min read
WhatsApp logo displayed on a phone screen is seen in this illustration photo taken in Poland on Dec. 15, 2024. (Jakub Porzycki/NurPhoto/Getty Images)
This audio is created with AI assistance

The Russian hacker group Star Blizzard launched a spear phishing campaign in November via the messaging platform WhatsApp, marking a change in longstanding tactics, Microsoft reported in a blog post on Jan. 16.

Phishing messages use social engineering tactics to manipulate recipients, exploiting emotions to trick targets into revealing sensitive information or clicking malicious links.

Star Blizzard sent invitations to join a WhatsApp group to current and former officials in government and diplomacy, international relations and defense researchers, and people and organizations offering assistance to Ukraine amid Russia's full-scale war, according to Microsoft.

This is the first time the hacker group has been observed using this tactic.

The shift to WhatsApp may be related to successful cybersecurity efforts exposing Star Blizzard's techniques, Microsoft said.

In the most recent campaign, Star Blizzard hackers impersonated U.S. government officials in emails directing recipients to join a WhatsApp group via QR code. The WhatsApp group claimed to focus on "the latest non-governmental initiatives aimed at supporting Ukraine NGOs."

The purpose of the campaign was to gain access to targets' WhatsApp accounts and extract their data.

While the campaign seemed to subside in late November 2024, Microsoft warned that the shift in tactics signals Star Blizzard's versatility and "tenacity in continuing spear phishing campaigns to gain access to sensitive information."

Russian hacker groups have engaged in various forms of cyber warfare throughout the full-scale war, including cyberattacks against Ukraine, hacks of civilian infrastructure in Europe, and interference in foreign elections.

How Ukraine captured a North Korean POW, told by the soldiers who took part
Editor’s note: In accordance with the security protocols of the Ukrainian military, soldiers featured in this story are identified by first names and callsigns only. It was a month-long mission with one primary goal — capturing a North Korean soldier alive. One of the biggest obstacles facing the…

News Feed

5:14 PM

Lithuanian FM on Europe's role in ending Russia's war.

The Kyiv Independent’s Francis Farrell sat down with Lithuanian Foreign Minister Kestutis Budrys during his visit to Kyiv on April 1 to discuss the future of Europe during U.S. President Donald Trump's administration, whether European sanctions remain an effective instrument to stop Russia’s war against Ukraine, and Lithuania's contribution to the "coalition of the willing."
2:30 PM

Russian Railways hit by major cyberattack.

The state-owned Russian railway operator described the incident as a "massive DDoS (distributed denial-of-service) attack," saying that efforts to restore operations are underway.
MORE NEWS

Editors' Picks

Enter your email to subscribe
Please, enter correct email address
Subscribe
* indicates required
* indicates required
Subscribe
* indicates required
* indicates required
Subscribe
* indicates required
Subscribe
* indicates required
Subscribe
* indicates required

Subscribe

* indicates required
Subscribe
* indicates required
Subscribe
* indicates required
Explaining Ukraine with Kate Tsurkan
* indicates required
Successfuly subscribed
Thank you for signing up for this newsletter. We’ve sent you a confirmation email.