According to Meta, a “small cluster” of WhatsApp accounts linked to Iranian hackers targeted officials connected to President Joe Biden and former President Donald Trump. The company mentioned that the fake WhatsApp accounts were traced back to APT42, an Iranian hacking group known for cyber espionage activities.
APT42, previously flagged by Google as an “Iranian state-sponsored cyber espionage actor,” has a history of targeting activists, NGOs, and media organizations globally. Meta revealed that the scheme aimed at political, diplomatic officials, and public figures associated with the Biden and Trump administrations, as well as individuals in Israel, Palestine, Iran, and the U.K.
As the November elections approach, Meta is under scrutiny for potential misuse of its platforms. The company assured that there is no indication of WhatsApp user accounts being compromised and is cooperating with law enforcement and industry peers to address the situation.
Meta’s security team detected APT42’s involvement by examining suspicious messages reported by users from the fraudulent WhatsApp accounts. The hacker group masqueraded as tech support for major companies like AOL, Google, Yahoo, and Microsoft to target their victims.
Earlier this month, the Trump campaign reported a breach in its network by a foreign actor, while Microsoft identified multiple Iranian hacking groups attempting to sway the U.S. election. Microsoft also disclosed that an APT42 affiliate conducted spear phishing in June targeting a senior campaign official.
In a similar incident in 2019, Microsoft highlighted Iranian government-linked hackers targeting a U.S. presidential campaign. The company’s efforts to combat such cyber threats are ongoing to protect political entities, officials, and critical infrastructure.
VIDEO: Assessing the dominance of Big Tech in today’s digital landscape