Social engineering: Meta blocks suspicious WhatsApp accounts
Meta has blocked several accounts following suspected Iranian cyberattacks on political actors in the US.
(Image: iHaMoo/Shutterstock.com)
Meta has blocked WhatsApp accounts after cybercriminals behind the accounts posed as support staff from AOL, Google, Yahoo and Microsoft. Following investigations, Meta suspects that it is the Iranian threat actor "APT42", also known as UNC788 and Mint Sandstorm. This is according to a Meta report.
The APT42 group is said to have attempted to attack political and diplomatic representatives and public figures in Israel, Palestine, Iran, the USA and the UK and gain access to their accounts. According to Meta, the efforts were apparently linked to "the administrations of President Biden and former President Trump". Those affected had reported the suspicious messages. According to Meta, however, there is no evidence that the accounts of these individuals were compromised.
It recently became known that the communications of Republican presidential candidate Donald Trump's campaign team had been leaked to various news portals such as Politico. The FBI (Federal Bureau of Investigation) is now investigating. There have also been similar incidents that failed. Microsoft also reported "significant influence by Iranian actors".
Simple phishing methods
APT42 is known for its persistent approach, using simple phishing methods in an attempt to steal access data to people's online accounts. According to Meta, the group has already targeted dissidents and human rights activists from Israel and Iran in the past, "as well as politicians in the US and Iran-focused academics, activists and journalists worldwide".
(mack)
