A hacking group linked to Russia’s government tried stealing WhatsApp data of employees at non-governmental organisations offering assistance to Ukraine, according to Microsoft Corp.
Attackers associated with Russia’s Federal Security Service, or FSB, sent emails to specific targets asking them to join WhatsApp groups, Microsoft researchers said in a blog post Thursday. The phishing messages often appeared to be from a US government official and contained a QR code that purportedly would provide details about initiatives meant to support Ukraine in its ongoing war against Russia. Microsoft didn’t say whether any of the attempted intrusions resulted in successful breaches.
The cyberattacks were linked to Star Blizzard, an allegedly state-backed hacking group, according to Microsoft. The US Justice Department has seized or taken down 180 websites associated with the group since October with the help of Microsoft, the Redmond, Washington-based company said.
A WhatsApp spokesperson said in a statement the company protects personal conversations with end-to-end encryption, and encouraged users only to click on links from people they know and trust. The Russian Embassy in Washington didn’t immediately respond to a request for comment.
The US Cybersecurity and Infrastructure Security Agency, or CISA, in December said the Star Blizzard group is “almost certainly” linked to Russia’s FSB, citing the group’s history trying to compromise American and British politicians, academics and people in the defense sector. Star Blizzard specialises in researching potential targets on social media, finding their professional contacts and creating email accounts that masquerade as their trusted associates, CISA said.
© 2025 Bloomberg L.P.
(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)
