Summarize

Simplifying... Inshort

Iranian hackers, posing as tech support from big-name companies, targeted WhatsApp accounts of Trump and Biden staffers, according to Meta.
The company has blocked some accounts in response, but found no evidence of successful breaches.
The hacks, linked to Iranian group APT42, are part of a broader strategy to disrupt US democracy, weaken Israel support, and counter certain political candidates.

Was a long read? Making it simpler...

Next Article

Hackers reportedly posed as tech support agents

Iranian hackers targeted WhatsApp accounts of Trump, Biden staffers: Meta

By Akash Pandey

Aug 24, 2024

06:09 pm

What's the story

Meta has revealed that an Iranian hacking group, attempted to compromise the WhatsApp accounts of staff members from both President Joe Biden and former President Donald Trump's administrations. The group is suspected to be the same one that recently targeted the Democratic and Republican presidential campaigns, as revealed by Google earlier this month. Meta uncovered this network after receiving reports about suspicious WhatsApp messages from individuals who were targeted.

Disguise tactics

Hackers posed as tech support agents

The hackers involved in this operation disguised themselves as tech support agents from well-known companies like Microsoft, AOL, Google, and Yahoo. Meta's investigators linked these activities to the same network responsible for a hacking incident reported by Trump's campaign. The FBI has also acknowledged that a hack by Iran on the Trump campaign and an attempted breach of the Biden-Harris campaign, were part of a broader Iranian strategy to interfere with US presidential elections.

Preventive measures

Meta's response to the hacking attempts

In response to these hacking attempts, Meta has blocked a small group of accounts. The company stated that it has not found evidence of the targeted WhatsApp accounts being compromised. However, as a precautionary measure, it is publicly sharing its findings and also providing information to law enforcement agencies and industry peers.

Motives

US intelligence on Iran's cyber strategies

US intelligence officials have suggested that Iran's escalating use of cyberattacks and disinformation campaigns aims to destabilize voter confidence in US democracy, weaken support for Israel, and counter candidates likely to escalate tensions between Washington and Iran. In July, Director of National Intelligence Avril Haines, disclosed that Iran's government covertly backed American protests against Israel's war against Hamas in Gaza.

Threat actor

Hacking efforts linked to APT42

Meta's investigation has connected the hacking attempts to APT42 (also known as UNC788 and Mint Sandstorm)—an Iranian threat actor. This group is notorious for its persistent adversarial campaigns using basic phishing techniques across the internet to steal data from people's online accounts. Meta previously shared threat research related to this group targeting individuals in West Asia, including Saudi military personnel, dissidents and human rights activists from Israel and Iran, US politicians, and journalists globally.