Star Blizzard, a Russian threat actor, has launched a new spear-phishing campaign targeting WhatsApp accounts. The campaign, observed in mid-November 2024, marks a shift in the actor's tactics. Targets include government officials, diplomats, and researchers focused on Russia-related topics. The attack involves sending emails with broken QR codes, followed by malicious links that trick victims into granting access to their WhatsApp accounts. This change in strategy is likely a response to previous exposures of their tactics. The campaign, while limited, demonstrates the actor's persistence in seeking sensitive information despite operational disruptions. Microsoft recommends vigilance when dealing with emails containing external links, especially for those in sectors typically targeted by Star Blizzard.