Meta recently announced that it had blocked a “small cluster” of WhatsApp accounts associated with an Iranian hacking group targeting officials linked to President Joe Biden and former President Donald Trump. These accounts were believed to have originated from APT42, an Iranian state-sponsored cyber espionage actor. The group has a history of targeting activists, non-government organizations, media outlets, and other public figures.
The main goal of the scheme was to exploit political and diplomatic officials, as well as other public figures, including those connected to the administrations of President Biden and former President Trump. The campaign also targeted individuals in Israel, Palestine, Iran, and the U.K., showing a wide range of targets.
With the November election fast approaching, Meta is under increased public scrutiny due to concerns about how Facebook has been exploited and manipulated in previous presidential campaigns. The company assured that there was no evidence of any WhatsApp user accounts being compromised. They are now working closely with law enforcement and industry peers to share more information about the incident.
Meta’s security team was able to identify APT42’s involvement by analyzing suspicious messages reported by users from the fraudulent WhatsApp accounts. These accounts were posing as technical support for popular email services like AOL, Google, Yahoo, and Microsoft. Some users targeted by APT42 reported these suspicious messages using WhatsApp’s in-app reporting tools.
This is not the first time that foreign actors have been involved in cyber attacks on political campaigns. The Trump campaign recently reported that a foreign actor had compromised its network and obtained internal communications. Microsoft also identified Iranian hacking groups attempting to influence the U.S. presidential election. A group affiliated with APT42 even sent spear phishing emails to high-ranking officials in presidential campaigns.
In 2019, Microsoft revealed that several hackers linked to the Iranian government had targeted an unspecified U.S. presidential campaign, along with other government officials and media outlets. This highlights the ongoing threats posed by state-sponsored hacking groups targeting sensitive information and influential individuals.
Leave a Reply