Meta, formerly known as Facebook, announced on Friday that it had blocked a “small cluster” of WhatsApp accounts that were linked to an Iranian hacking group targeting officials associated with President Joe Biden and former President Donald Trump. This action by Meta comes at a time when the company is attracting increased public attention due to concerns about the platform being exploited and manipulated in previous presidential campaigns.
The bogus WhatsApp accounts, believed to be linked to the Iranian threat actor APT42, targeted various activists, non-government organizations, media outlets, and political and diplomatic officials, including those associated with the administrations of President Biden and former President Trump. The campaign also extended to individuals in Israel, Palestine, Iran, and the U.K. Meta’s security team was able to identify the involvement of APT42 after analyzing suspicious messages reported by users who received messages from the fraudulent accounts.
Meta stated that it has not found any evidence of WhatsApp users’ accounts being compromised, and the company is cooperating with law enforcement agencies and sharing information with industry peers. In a blog post, Meta revealed that the fraudulent WhatsApp accounts posed as technical support for popular tech companies like AOL, Google, Yahoo, and Microsoft, a tactic commonly used in phishing schemes. Some individuals targeted by APT42 reported these suspicious messages using WhatsApp’s in-app reporting tools.
This incident is not the first time that Iranian hacking groups have been implicated in cyber espionage activities targeting political entities. In 2019, Microsoft identified several hackers linked to the Iranian government who targeted an unspecified U.S. presidential campaign, in addition to government officials and media organizations. The Trump campaign also reported that a foreign actor had compromised its network and obtained internal communications. Microsoft noted that a group affiliated with APT42 had sent spear phishing emails to high-ranking officials on a presidential campaign using compromised email accounts.
The recent revelation of Iranian state-sponsored cyber espionage activities targeting political figures underscores the ongoing threat of malicious actors exploiting digital platforms for political influence. Meta’s proactive approach to blocking suspicious accounts and cooperating with authorities demonstrates the importance of cybersecurity vigilance in an increasingly interconnected world.
Leave a Reply
You must be logged in to post a comment.