Iranian Campaign Targets WhatsApp Users

Uploaded on 2024-09-09 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW

Meta, the parent company of Facebook, Instagram and WhatsApp has said that its security teams had blocked a small cluster of accounts on the WhatsApp messaging platform, who were posing as support agents.

Meta’s security teams identified and blocked a cluster of WhatsApp accounts impersonating techniical supprts staff for major tech companies inclusing AOL, Google, Yahoo, and Microsoft.

This sophisticated social engineering attack, attributed to the Iranian hacker group APT42 (also known as UNC788 and Mint Sandstorm), aimed at political and diplomatic officials, as well as other prominent figures connected to both the Biden and Trump administrations.

The Attack’s scope spanned individuals in Israel, the Palestinian Authority, Iran, the US, and  Britain.

APT42 is notorious for its persistent phishing campaigns that exploit basic tactics to steal credentials for online accounts.Previously, this group has been linked to similar activities targeting Saudi military personnel, dissidents, human rights activists from Israel and Iran, and journalists worldwide. In this latest campaign, APT42’s phishing attempts involved creating fake technical support accounts, which were promptly reported by users.

APT42 is assessed by Mandiant to operate on behalf of the Islamic Revolutionary Guard Corps Intelligence Organisation (IRGC-IO), and according to Cybernews, this group is known for deploying surveillance software that can record phone calls, steal text messages, and activate cameras and microphones without the user’s knowledge.

Researchers following the group have linked APT42’s activities to broader efforts to infiltrate US presidential campaigns. This connection was highlighted by recent reports from Microsoft and Google, which also detailed Iranian attempts to interfere in the upcoming US presidential election. However, considering the high-profile nature of the targets, Meta has chosen to disclose these findings publicly. The company has also informed law enforcement and presidential campaigns to enhance vigilance against potential adversarial activities.

The ability of Meta’s users to recognise and report these suspicious accounts played a crucial role in preventing further damage. The reported accounts were blocked before they could cause significant harm. With the next US elections and heightened security concerns, Meta is urging public figures, journalists, and political candidates to stay alert.

Meta recommends using available privacy and security settings, avoiding interactions with unknown contacts, and reporting any suspicious activity immediately. These events highlight the importance of cyber security vigilance in an increasingly interconnected world, particularly for high-profile individuals and organisations.

I-HIS     |     The Print     |     X.com     |     Trend Micro   |    Mandiant 

Image: arivera

You Might Also Read:

Iranian Hackers Target Israeli Citizens:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Hackers Attack Russia & Belarus
Cyber Attack Hits German Air Traffic Control »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

Tufin

Tufin

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment.

Itaccel

Itaccel

IT Accel began a decade ago as a band of technical recruiters who wanted to bring our experience and depth of knowledge to solving complex human resou

SecuPi

SecuPi

SecuPi delivers data-centric security with data-flow discovery, real-time monitoring, behavior analytics, and protection across web and enterprise applications and big data environments.

CIO Dive

CIO Dive

CIO Dive provides news and analysis for IT executives in areas including IT strategy, cloud computing, cyber security, big data, AI, software, infrastructure, dev ops and more.

QSecure

QSecure

QSecure specializes in the provision of information security and risk management services.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

Swiss Accreditation Service (SAS)

Swiss Accreditation Service (SAS)

SAS is the national accreditation body for Switzerland. The directory of members provides details of organisations offering certification services for ISO 27001.

EUROCONTROL

EUROCONTROL

EUROCONTROL is a pan-European, civil-military organisation dedicated to supporting European aviation. We help our stakeholders protect themselves against cyber threats.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

Vigilant Technology Solutions

Vigilant Technology Solutions

Vigilant is a global cyber security technology company offering solutions to manage entire IT & cyber security lifecycles.

US Coast Guard Cyber Command

US Coast Guard Cyber Command

US Coast Guard Cyber Command’s focus is to ensure the security of our cyberspace, maintain superiority over our adversaries,and safeguard our Nation’s critical maritime infrastructure.

RiskOptics

RiskOptics

RiskOptics (formerly Reciprocity) equips organizations with one of the most intuitive and powerful information security and cyber risk management solutions in the market.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

Raito

Raito

Raito's unique solution integrates with the data development process and lets data teams monitor, manage, and automate data security across the data stack.

Rapifuzz

Rapifuzz

At Rapifuzz, our goal is to help organizations test and secure their APIs enabling trust, innovation and Seamless Secured Digital Experiences.