Meta Shuts Down Iran-Linked Hackers Targeting U.S. Officials on WhatsApp
California, August 24:
Meta's security staff blocked a small cluster of accounts on the messaging network WhatsApp that were impersonating support representatives for tech businesses. Meta is the parent corporation of Facebook, Instagram, and WhatsApp. Meta said in a statement on August 23 that the WhatsApp accounts were connected to an Iranian hacking group that had also tried to conduct email phishing attacks on individuals associated with US President Joe Biden, US Vice President Kamala Harris, former US President Donald Trump, and other political and diplomatic officials.
Meta said it has not found any evidence that the targeted WhatsApp accounts were successfully compromised, but it has informed both law enforcement and other tech companies.
Earlier, the US officially accused Iran of trying to sabotage the US presidential election. "The Iranian government views the upcoming elections as having the potential to significantly affect its national security interests, which has led to an increase in Tehran's efforts to influence the outcome," said a joint statement released on August 19 by the FBI, the Office of the Director of National Intelligence, and the federal cybersecurity agency CISA.
"We have observed increasingly aggressive Iranian activity during this election cycle, specifically involving influence operations targeting the American public and cyber operations targeting Presidential campaigns," according to the statement.
In the upcoming US presidential election in November, former US Vice President and Democratic candidate Kamala Harris will square off against Donald Trump, the Republican nominee and a former US president.
According to Meta's statement from August 23, the current "malicious activity" had Iranian roots and sought to harm people in Iran, Israel, Palestine, the US, and the UK.
The hackers posed as technical support for AOL, Google, Yahoo!, or Microsoft on WhatsApp, according to the report.
After looking into user reports, the tech company's security teams banned a small cluster of accounts engaged in what they called "likely social engineering activity" on WhatsApp.
The company said it discovered the operation when some of the victims reported unusual messages to WhatsApp, and that the hackers had tried to deceive them into divulging sensitive information, including account passwords.
According to Meta's findings, the Iranian threat actor APT42, also known as UNC788 and Mint Sandstorm, was behind the hacking efforts. APT42 is known for persistent adversarial campaigns that use basic phishing tactics to obtain login credentials for people's online accounts across the internet.
The American company said it had previously shared threat intelligence about the group with individuals in West Asia, including Saudi military personnel, Israeli and Iranian dissidents and human rights advocates, US lawmakers, and Iran-focused scholars, activists, and journalists worldwide.