Meta announced on Friday that it has thwarted a group of fake WhatsApp accounts linked to an Iranian hacker group identified by the U.S. intelligence community for targeting staff members working on U.S. presidential election campaigns.
These hackers posed as tech support agents from reputable companies like Google, Yahoo, and Microsoft in an attempt to target prominent individuals, including political figures in the United States, the United Kingdom, Israel, and Iran.
Meta uncovered this scheme after receiving reports of suspicious messages from WhatsApp users. The group responsible, known as APT42, is notorious for phishing campaigns aimed at stealing online credentials.
While Meta did not find any evidence of compromised accounts, the company decided to share its findings with law enforcement and other tech firms as a precautionary measure.
The hacker group, also referred to as UNC788 and Mint Sandstorm, has a history of targeting individuals in the Middle East, including the Saudi military, dissidents, human rights activists from Israel and Iran, as well as politicians in the U.S. and academics, activists, and journalists globally focused on Iran.
Google has tied this hacking group to Iran’s Revolutionary Guard. Earlier this month, the tech giant’s threat intelligence division revealed that the same Iranian group had tried to breach the personal email accounts of approximately twelve individuals associated with Biden and Trump since May.
In addition, Microsoft reported a suspected Iranian cyber intrusion in this year’s presidential election just days prior.
The FBI stated that the attempted hack of the U.S. presidential campaign is not a new occurrence and is part of “increasingly aggressive Iranian activity” during the current election cycle.
The Office of the Director of National Intelligence, in an IC assessment released last month, highlighted Iranian groups’ efforts to sow distrust towards U.S. institutions and escalate social discord. These groups have notably fueled tensions over the Israel-Gaza conflict using extensive networks of online personas and propaganda mills to disseminate disinformation.
Joseph Lord and The Associated Press contributed to this report.
