Summary: Meta has reported that a hacking group linked to Iran, known as APT42, was responsible for malicious activities on WhatsApp, targeting political and diplomatic officials. The company has blocked several accounts posing as support agents and is sharing its findings with law enforcement and industry peers.
Threat Actor: APT42 | APT42
Victim: Meta | Meta
Key Point :
- APT42 is known for persistent phishing campaigns targeting political and diplomatic figures.
- The malicious activity originated in Iran and aimed at individuals in multiple countries, including the US and UK.
- Meta has not found evidence of account compromises but is taking precautionary measures.
- The hacking group is linked to Iran’s Islamic Revolutionary Guard Corps and has previously targeted US election campaign staff.
Social media giant Meta said on Friday that a hacking group linked to Iran was responsible for “malicious activity” on Whatsapp.
Meta’s security team had blocked a “small cluster” of Whatsapp accounts posing as support agents for tech companies. Meta-owned companies include WhataApp, Facebook and Instagram.
“Our investigation linked this activity to APT42, an Iranian threat actor known for its persistent phishing campaigns across the internet targeting political and diplomatic officials, and other public figures,” Meta said in a statement.
The malicious activity originated in Iran and attempted to target individuals in Israel, Palestine, Iran, the United States and the United Kingdom, Meta said.
Political and diplomatic officials, and other public figures, including some associated with administrations of US President Joe Biden and former president Donald Trump, had been targeted, Meta said.
The company said it had no evidence that those targeted had had their accounts compromised.
“But out of an abundance of caution, weβre sharing our findings publicly, in addition to sharing information with law enforcement and our industry peers,” Meta said.
On Monday, US intelligence agencies said that Iran was responsible for the hack of Trump’s presidential campaign, while Google said the APT42 hacker group, linked to Iran’s elite Islamic Revolutionary Guard Corps, had accessed email accounts belonging to around a dozen Democratic and Republican election campaign staff in May and June.
Source: https://www.yahoo.com/news/meta-says-iran-backed-hackers-055723107.html