Iranian Campaign Targets WhatsApp Users

Meta, the parent company of Facebook, Instagram and WhatsApp, has said that its security teams blocked a small cluster of accounts on the WhatsApp messaging platform that were posing as support agents.

Meta’s security teams identified and blocked a cluster of WhatsApp accounts impersonating technical support staff for major tech companies including AOL, Google, Yahoo, and Microsoft.

This sophisticated social engineering attack, attributed to the Iranian hacker group APT42 (also known as UNC788 and Mint Sandstorm), was aimed at political and diplomatic officials, as well as other prominent figures connected to both the Biden and Trump administrations.

The attack’s scope spanned individuals in Israel, the Palestinian Authority, Iran, the US, and Britain.

APT42 is notorious for its persistent phishing campaigns that exploit basic tactics to steal credentials for online accounts. Previously, this group has been linked to similar activities targeting Saudi military personnel, dissidents, human rights activists from Israel and Iran, and journalists worldwide. In this latest campaign, APT42’s phishing attempts involved creating fake technical support accounts, which were promptly reported by users.

APT42 is assessed by Mandiant to operate on behalf of the Islamic Revolutionary Guard Corps Intelligence Organisation (IRGC-IO), and according to Cybernews, this group is known for deploying surveillance software that can record phone calls, steal text messages, and activate cameras and microphones without the user’s knowledge.

Researchers following the group have linked APT42’s activities to broader efforts to infiltrate US presidential campaigns. This connection was highlighted by recent reports from Microsoft and Google, which also detailed Iranian attempts to interfere in the upcoming US presidential election. However, considering the high-profile nature of the targets, Meta has chosen to disclose these findings publicly. The company has also informed law enforcement and presidential campaigns to enhance vigilance against potential adversarial activities.

The ability of Meta’s users to recognise and report these suspicious accounts played a crucial role in preventing further damage. The reported accounts were blocked before they could cause significant harm. With the next US elections and heightened security concerns, Meta is urging public figures, journalists, and political candidates to stay alert.

Meta recommends using available privacy and security settings, avoiding interactions with unknown contacts, and reporting any suspicious activity immediately. These events highlight the importance of cyber security vigilance in an increasingly interconnected world, particularly for high-profile individuals and organisations.

I-HIS | The Print | X.com | Trend Micro | Mandiant
