Meta cracks down on Iranian hackers targeting US elections, takes down their WhatsApp accounts

Meta has taken action against Iranian hackers by blocking WhatsApp accounts involved in a suspected social engineering campaign. The company traced this activity to APT42, also known as UNC788 and Mint Sandstorm, a group previously linked by the FBI to a phishing campaign that targeted members of both the Trump and Harris camps.

This suspicious activity on WhatsApp appeared to target individuals in Israel, Palestine, Iran, the United States, and the UK, focusing particularly on political and diplomatic officials associated with both US presidential candidates.

The hackers posed as technical support representatives from companies like AOL, Google, Yahoo, and Microsoft, though Meta did not provide details on how they attempted to compromise their targets’ accounts.

Some of the targeted individuals reported the suspicious activity, prompting Meta to launch an investigation. The company believes that the hackers’ efforts were unsuccessful, as it found no evidence that the targets’ accounts were compromised.

Nonetheless, Meta reported the activity to law enforcement and shared relevant information with both presidential campaigns.

Earlier in the month, Google released a report revealing that APT42 had been targeting high-profile users in Israel and the US for years. While many of APT42’s attempts were unsuccessful, the group did manage to infiltrate the account of Roger Stone, a close political confidante of Trump.

The hackers used Stone’s account to send phishing emails to his contacts, further illustrating the threat posed by this group.

Meta’s actions demonstrate the ongoing efforts by tech companies to safeguard the integrity of political processes in the face of sophisticated cyber threats.