Key Points:
- Meta blocked WhatsApp accounts linked to Iranian hacking group APT42 targeting U.S. political figures.
- Identified as a state-sponsored cyber espionage group by Google, APT42 has targeted various high-profile entities.
- Meta detected the threat through user reports and collaborates with law enforcement and industry peers.
- The Trump campaign and Microsoft reported similar Iranian hacking attempts, highlighting ongoing cyber threats.
Meta announced on Friday that it had blocked a “small cluster” of WhatsApp accounts linked to an Iranian hacking group known as APT42. This group was allegedly targeting officials associated with President Joe Biden and former President Donald Trump, among other high-profile individuals.
According to Meta’s blog post, the bogus accounts appeared to be part of a scheme by APT42, which has been identified by other tech companies, including Google, as an “Iranian state-sponsored cyber espionage actor.” Iranian hacking group APT42 has previously targeted activists, non-government organizations, media outlets, and other entities. The hackers also targeted individuals in Israel, Palestine, Iran, and the United Kingdom.
As the November election approaches, Meta is under increased scrutiny due to past instances of its platforms being manipulated during previous presidential campaigns. The company found no evidence of compromised WhatsApp accounts in this incident. Meta has shared the information with law enforcement and other industry peers to prevent further breaches.
Meta’s security team detected APT42’s involvement after analyzing suspicious messages reported by users who had received them from fraudulent WhatsApp accounts. The hackers posed as technical support for well-known companies like AOL, Google, Yahoo, and Microsoft to deceive their targets.
In a related event, the Trump campaign recently reported that a foreign actor had compromised its network, illegally obtaining internal communications. Microsoft also revealed that several Iranian hacking groups, including one affiliated with APT42, were attempting to influence the U.S. presidential election.
In June, the Iranian hacking group APT42 allegedly sent a spear-phishing email to a high-ranking official on a presidential campaign using the compromised email account of a former senior advisor. In 2019, Microsoft identified several hackers linked to the Iranian government believed to have targeted a U.S. presidential campaign and other government officials and media outlets.
