Meta On Friday, it said it had blocked a “small number” of WhatsApp accounts linked to an Iranian hacking group that were targeting officials associated with President Joe Biden and former President Donald Trump.
The company said in a blog post that the fake WhatsApp accounts appeared to come from an Iranian threat actor known as APT42, which other tech companies have also been following. Google Previously described as an “Iranian state-sponsored cyber espionage actor,” the group has targeted a range of activists, non-governmental organizations, and media outlets.
Meta said the plan was “to exploit political and diplomatic officials, as well as other public figures associated with the administrations of President Biden and former President Trump.” The campaign also targeted Israelis, Palestinians, Iranians and the United Kingdom.
With less than 75 days until the November election, Meta is in the public eye for the way Facebook has been exploited and manipulated in the last two presidential campaigns. The company said it has not seen any evidence that WhatsApp users’ accounts have been compromised and is sharing more information with “law enforcement and industry colleagues.”
Meta said its security team was able to detect APT42’s involvement after analyzing suspicious messages that an unspecified number of users reported receiving from a fraudulent WhatsApp account.
“These accounts impersonated technical support for AOL, Google, Yahoo, and Microsoft,” Meta said in a blog post. “Some of those targeted by APT42 reported these suspicious messages to WhatsApp using the in-app reporting tool.”
The Trump campaign said earlier this month that foreign actors had breached its networks and illegally obtained internal communications. Microsoft also identified several Iranian hacking groups that were attempting to influence the U.S. presidential election at the time, and said a group affiliated with APT42 “sent spear-phishing emails to senior campaign officials from the compromised email account of a former senior adviser in June.”
Microsoft said in 2019 that it had identified several hackers linked to the Iranian government who were believed to have targeted unspecified U.S. presidential campaigns, as well as other government officials and media organizations.
see: Big Tech: Too Big to Split