Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups
securityweek
Microsoft researchers have uncovered Russian intelligence agencies using spear-phishing tactics to target victims with QR codes and WhatsApp group chats.
Redmond’s threat intelligence team documented the discovery Thursday with a warning that the Russian APT — tracked as Star Blizzard — has shifted its longstanding spear-phishing tactics to focus on WhatsApp groups.
According to Microsoft, the Kremlin-linked cyberspies are reaching out to typical targets — government or diplomatic figures, defense policy researchers, and organizations offering assistance to Ukraine — via emails that contain intentionally broken QR codes.
“When the recipient responds, Star Blizzard sends a second email containing a Safe Link wrapped t[.]ly shortened link as the alternative link to join the WhatsApp group,” Microsoft warned.
“When this link is followed, the target is redirected to a webpage asking them to scan a QR code to join the group,” the researchers explained, noting that the QR code is actually used by WhatsApp ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE