Meta announced Friday that it blocked a “small cluster” of WhatsApp accounts linked to an Iranian hacking group that was targeting officials associated with President Joe Biden and former President Donald Trump.
The company explained in a blog post that these fake WhatsApp accounts appeared to originate from the Iranian threat actor known as APT42, which has been described by other tech companies like Google as an “Iranian state-sponsored cyber espionage actor.” The group has previously targeted activists, non-government organizations, media outlets, and others.
Meta revealed that the scheme aimed to exploit political and diplomatic officials and other public figures, including some associated with the administrations of President Biden and former President Trump.
The campaign also targeted individuals in Israel, Palestine, Iran, and the U.K. With less than 75 days until the November election, Meta is under increased scrutiny due to past instances of Facebook being manipulated in prior presidential campaigns.
The company stated that it hasn’t found any evidence that the accounts of WhatsApp users were compromised and is sharing more information with law enforcement and industry peers. Meta’s security team identified APT42’s involvement after analyzing suspicious messages reported by users, with the accounts posing as technical support for companies like AOL, Google, Yahoo, and Microsoft.
Peoplesmind
