Meta Facebook Inc said Friday it has banned a “small group” of WhatsApp accounts linked to an Iranian hacking group that was targeting officials linked to President Joe Biden and former President Donald Trump.
The company said in a blog post that the fake WhatsApp accounts appear to have originated from an Iranian threat actor called APT42, which other tech companies such as Google The group has previously been described as an “Iranian state-sponsored cyber espionage entity.” The group has targeted numerous activists, NGOs, media outlets, and others.
Meta said the scheme was aimed at exploiting “political officials, diplomats, and other public figures, including some associated with the Biden and former Trump administrations.” The campaign also targeted people in Israel, Palestine, Iran, and the United Kingdom.
With less than 75 days to go until the November election, Meta is attracting increasing public attention over the ways Facebook was exploited and manipulated in the past two presidential campaigns. The company said it has seen no evidence that any WhatsApp user accounts were compromised, and is sharing more information with “law enforcement and our industry peers.”
Meta said its security team was able to detect APT42's involvement after analyzing suspicious messages that an unspecified number of users reported receiving from fraudulent WhatsApp accounts.
“These accounts were posing as technical support for AOL, Google, Yahoo, and Microsoft,” Meta said in a blog post. “Some of the people targeted by APT42 reported these suspicious messages to WhatsApp using in-app reporting tools.”
The Trump campaign said earlier this month that a foreign actor had hacked its network and illegally obtained internal communications. Microsoft also said at the time that it had identified several Iranian hacking groups that were trying to influence the U.S. presidential election, and that an APT42 affiliate “sent a phishing email in June to a senior presidential campaign official from the hacked email account of a former senior adviser.”
In 2019, Microsoft said it had identified several hackers linked to the Iranian government who were believed to have targeted an unspecified U.S. presidential campaign as well as other government officials and media outlets.
Watch: Big Tech: Too Big to Break Up