Meta said it had blocked a “small group” of WhatsApp accounts linked to an Iranian hacking group targeting officials associated with President Joe Biden and former President Donald Trump.
The company said in a blog post that the fake WhatsApp account originated from an Iranian threat actor called APT42, which is favored by other tech companies. Google previously described as an “Iranian state-sponsored cyber espionage actor.” This group has targeted various activists, non-governmental organizations, media and others.
Meta said the scheme was intended to exploit “political and diplomatic officials, and other public figures, including some associated with the administration of President Biden and former President Trump.” The campaign also targets people in Israel, Palestine, Iran and the UK
With less than 75 days until the November election, Meta is drawing public attention because of the way Facebook has been exploited and manipulated in the two previous presidential campaigns. The company said there was no evidence that WhatsApp user accounts were compromised, and shared other information with “law enforcement and our industry partners.”
Meta said its security team was able to identify the involvement of APT42 after analyzing suspicious messages unknown to users that they reported receiving from fake WhatsApp accounts.
“These accounts are technical support for AOL, Google, Yahoo and Microsoft,” Meta said in a blog post. “Some people targeted by APT42 reported these suspicious messages to WhatsApp using the in-app reporting tool.”
The Trump campaign said earlier this month that foreign actors had compromised networks and illegally obtained internal communications. Microsoft also said at the time that it identified several Iranian hacking groups that were trying to influence the US presidential election, and that a group affiliated with APT42 “sent spear phishing emails in June to high-ranking officials in the presidential campaign from a compromised email account of a former senior adviser.”
In 2019, Microsoft said it had identified several hackers linked to the Iranian government believed to be targeting an unspecified US presidential campaign in addition to other government officials and media.
WATCH: Big Tech: too big to split
