The QR Code You Received Over WhatsApp Conceals a Dark Russian Secret

Consider this: a public official receives a QR code via email from "American government officials" who claim to help Ukrainian NGOs.

This purposefully harmful QR code does not direct the recipient to a genuine domain and is intended to tempt consumers to respond to the threat actors.

The recipient was hooked in two ways: first, for the cause, and second, for the technological annoyance. When the recipient responds, Star Blizzard will send them a second email with a link to the initial WhatsApp group.

From there, the victim is led to a new QR code, which, when scanned, grants threat actors access to the communications in their account, allowing Star Blizzard to exfiltrate the data.

The QR code you got on WhatsApp hides a Russian secret

Star Blizzard, a Russian hacking organization that has been targeting Western think tanks, journalists, and retired military and intelligence personnel since 2017, has designed a brand-new strategy.

This QR code fraud was stopped in November 2024. Still, the shift away from their usual mode of operation, which involves contacting via emails and social media, might indicate a more direct approach, shooting from the hip on WhatsApp.

According to Microsoft, this group is adaptable and tenacious in getting sensitive and secret information using all possible methods.

These attacks, launched using an open-source platform and social media, have mostly targeted targets in the United Kingdom and the United States.

More to explore: Chinti & Parker Adds QR Codes for Digital Passports