
Star Blizzard Targets WhatsApp Users

The Russian-linked cyber threat group Star Blizzard, also known as SEABORGIUM, has been reported to have shifted its tactics towards spear-phishing campaigns targeting WhatsApp accounts. This shift marks a departure from the group’s usual modus operandi of credential harvesting through phishing emails and Evilginx-powered pages. The change in strategy is believed to be a response to previous exposure of the group’s activities, with the aim of evading detection.

Reports suggest that the primary targets of this new spear-phishing campaign are individuals from government and diplomatic sectors, as well as researchers in defense policy and international relations. The group also seems to be focusing on individuals providing support to Ukraine in the context of the ongoing conflict with Russia. The spear-phishing emails sent by Star Blizzard appear to come from legitimate sources, such as U.S. government officials, in an attempt to increase the likelihood of the victim engaging with the message. These emails contain QR codes that purport to let recipients join a WhatsApp group, but instead redirect them to a malicious website.

Upon visiting the website, victims are prompted to scan a QR code that seemingly links them to the WhatsApp group, but in reality connects their account to an attacker’s device. This unauthorized access allows Star Blizzard to intercept WhatsApp messages and potentially exfiltrate data using browser add-ons. The campaign appears to have been relatively limited in scope and was reportedly winding down by the end of November 2024. Previous actions taken against the group by Microsoft and the U.S. Department of Justice, including seizing over 180 domains, likely forced Star Blizzard to adapt its tactics.
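For mail-triage teams, the mismatch described above (an email QR code presented as a WhatsApp group invite that resolves to another site) can be checked once the QR code has been decoded to a URL. The following Python sketch is an added example, not code from the original report; it assumes genuine group invites are served from `chat.whatsapp.com`, and the function name, verdict strings and sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: genuine WhatsApp group-invite links are served from this host.
OFFICIAL_INVITE_HOST = "chat.whatsapp.com"


def triage_invite_url(url):
    """Triage a URL decoded from a QR code that an email presents as a
    WhatsApp group invite. Returns a (verdict, reason) tuple."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
        user = (parts.username or "").lower()
    except ValueError:
        return ("suspicious", "unparseable URL")
    if not host:
        return ("suspicious", "no host in URL")
    if host == OFFICIAL_INVITE_HOST:
        if parts.scheme != "https":
            return ("suspicious", "official host but not https")
        return ("expected-host", "host is the official invite host")
    # From here on the QR code does not lead where the email says it does.
    if "whatsapp" in user:
        return ("suspicious", "brand name in userinfo, real host is " + host)
    if "whatsapp" in host:
        return ("suspicious", "brand name embedded in unrelated host " + host)
    if any(label.startswith("xn--") for label in host.split(".")):
        return ("suspicious", "punycode host " + host)
    return ("suspicious", "host " + host + " is not the invite host")


# Constructed sample URLs (reserved .example domains), not indicators
# taken from the campaign.
SAMPLES = [
    "https://chat.whatsapp.com/AbCdEfConstructed",
    "https://chat.whatsapp.com@invite.example/join",
    "https://chat.whatsapp.com.invite.example/join",
    "https://groups.example/whatsapp-ukraine-ngo",
    "http://chat.whatsapp.com/AbCdEfConstructed",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", triage_invite_url(sample))
```

This covers only the URL carried by the email; the second QR code shown on the web page, which links the account to another device, is outside what a URL check can see.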

Star Blizzard has a history of employing various tactics to obfuscate the origin of its attacks. Previous operations saw the group using platforms like ProtonMail, HubSpot, and MailerLite to conceal its email infrastructure, thus avoiding the need for actor-controlled domains. The shift towards targeting WhatsApp instead of email demonstrates the group’s resilience and determination to continue its cyber-espionage activities. Security experts caution individuals in government, diplomacy, and defense sectors to exercise vigilance when handling suspicious emails containing links to external sources or QR codes.

Overall, the evolving tactics of Star Blizzard serve as a reminder of the constant threat posed by cybercriminals, particularly those with sophisticated capabilities and intent. They underscore the importance of remaining vigilant and implementing robust cybersecurity measures to mitigate the risks associated with such attacks. As the digital landscape continues to evolve, staying informed and proactive becomes paramount in safeguarding sensitive information against cyber threats.
