Russian hackers attack WhatsApp to obtain data on Ukraine

Russian hackers are masquerading as US government officials to infiltrate WhatsApp groups of NGOs supporting Ukraine, marking an aggressive shift in cyber warfare tactics that directly targets humanitarian aid networks.
Illustrative image, photo via Freepik.

A group of hackers allegedly linked to Russia’s Federal Security Service (FSB) tried to steal WhatsApp data from employees of non-governmental organizations providing assistance to Ukraine, Microsoft reports.

Microsoft’s revelation of these attacks by the FSB-linked Star Blizzard group demonstrates how Russia is increasingly targeting the support infrastructure for Ukraine, attempting to disrupt international aid efforts through cyber espionage while simultaneously gathering intelligence on organizations and individuals involved in Ukraine’s defense and support network.

Microsoft Threat Intelligence has noted that the cyberattacks were organized by a group known as Star Blizzard, which is likely to be supported by the Russian state. The researchers found that the attackers sent phishing emails posing as representatives of the US government.

These messages invited recipients to join WhatsApp groups, allegedly to receive information about initiatives to support Ukraine. The emails contained QR codes that supposedly provided additional data, but were most likely used to steal confidential information.

Microsoft has not confirmed whether the hackers successfully compromised any systems. However, the company noted that the US Department of Justice, working in cooperation with Microsoft, has removed or blocked 180 Star Blizzard-related websites since October 2024.

Star Blizzard has continuously improved its detection evasion capabilities while remaining focused on email credential theft against the same targets.

Microsoft Threat Intelligence reports that Star Blizzard, whose activities have historically supported both espionage and cyber influence objectives, continues to prolifically target individuals and organizations involved in international affairs, defense, and logistics support to Ukraine, as well as academia, information security companies, and other entities aligning with Russian state interests.

Microsoft has provided practical recommendations for users to harden networks against the Star Blizzard activity on its website.

    Euromaidan Press
