Meta recently announced that they had blocked a “small cluster” of WhatsApp accounts connected to an Iranian hacking group. These accounts were targeting officials associated with both President Joe Biden and former President Donald Trump. The company revealed that the accounts were linked to the Iranian threat actor known as APT42, previously described by Google as an “Iranian state-sponsored cyber espionage actor.”
Targets of the Hacking Group
The hacking group targeted a wide range of individuals and organizations, including activists, non-government organizations, media outlets, and public figures associated with the administrations of Biden and Trump. The scheme also extended to people in Israel, Palestine, Iran, and the U.K. This is a concerning revelation, especially with less than 75 days left until the upcoming November election.
Meta’s Response
Meta assured users that there was no evidence of any WhatsApp accounts being compromised. The security team at Meta was able to detect APT42’s involvement by analyzing suspicious messages reported by users. These messages posed as technical support for popular companies like AOL, Google, Yahoo, and Microsoft. Users who found these messages suspicious reported them using WhatsApp’s in-app reporting tools.
This is not the first time that such cyber attacks have taken place. Earlier this month, the Trump campaign reported that a foreign actor had breached its network and obtained internal communications illegally. Similarly, Microsoft identified multiple Iranian hacking groups attempting to influence the U.S. presidential election. A group affiliated with APT42 was found to have sent a spear-phishing email to a high-ranking official from a presidential campaign.
In 2019, Microsoft revealed that hackers linked to the Iranian government had targeted an unspecified U.S. presidential campaign, along with government officials and media outlets. These findings highlight the ongoing threat posed by state-sponsored cyber espionage actors like APT42.
The recent actions taken by Meta to block these WhatsApp accounts are a step in the right direction towards protecting users from malicious activities. However, it is crucial for individuals and organizations to remain vigilant against such cyber threats and take necessary precautions to safeguard their digital presence.
Leave a Reply