Meta announced on Friday that it has successfully blocked a group of fake WhatsApp accounts associated with an Iranian hacker group. This group was found to be targeting individuals working on U.S. presidential election campaigns.
The hackers used a deceptive tactic by pretending to be tech support agents from well-known companies like Google, Yahoo, and Microsoft. Their main objective was to infiltrate high-profile individuals, including political figures in the United States, the United Kingdom, Israel, and Iran.
Meta uncovered this scheme after receiving reports from WhatsApp users about suspicious messages. It was discovered that these attempts were part of a broader phishing campaign conducted by APT42, a well-known group that has a history of stealing online credentials.
While Meta did not find any evidence of the targeted accounts being compromised, as a precautionary measure, the company decided to share its findings with law enforcement agencies and other tech companies.
This hacker group, also known as UNC788 and Mint Sandstorm, has previously been associated with targeting individuals in the Middle East, including the Saudi military, dissidents, and human rights activists from Israel and Iran. They have also targeted politicians in the United States, as well as academics, activists, and journalists around the world who are focused on Iran-related issues, according to Meta.
Although there is no evidence indicating that the specific WhatsApp accounts were compromised, Meta chose to publicly disclose their findings and share information with law enforcement agencies and industry peers as a precautionary measure, Meta stated in a press release.
Google has linked the same hacking group to Iran’s Revolutionary Guard. Recently, Google’s threat intelligence division revealed that this Iranian group had attempted to gain unauthorized access to the personal email accounts of approximately a dozen individuals associated with both Biden and Trump since May.
Additionally, Microsoft reported a suspected Iranian cyber intrusion in this year’s presidential election just a few days earlier.
The FBI has stated that attempts to hack into U.S. presidential campaigns is not new and is part of an ongoing pattern of increasingly aggressive Iranian activity during the current election cycle.
Furthermore, the Office of the Director of National Intelligence released an assessment last month stating that Iranian groups are actively working to sow distrust in U.S. institutions and amplify social discord. These groups have notably been exploiting the Israel-Gaza conflict to spread disinformation using various fake online personas and propaganda outlets.
Discover more from Tension News
Subscribe to get the latest posts sent to your email.