Meta announced on Friday that it had detected an ongoing hacking campaign targeting WhatsApp accounts of US officials from both the Biden and Trump administrations. The company identified the perpetrators as APT42, an Iranian hacker group linked to an intelligence division within Iran’s military. This group is known for installing surveillance software on mobile devices to record calls, steal text messages, and activate cameras and microphones.
According to Meta’s blog post, the hacking attempts involved a small number of accounts posing as technical support for various online services, including AOL, Google, Yahoo, and Microsoft. Meta blocked these accounts after users flagged them as suspicious. The company stated that there was no evidence suggesting that the targeted WhatsApp accounts had been successfully compromised.
APT42’s activities have been linked to recent efforts to breach US presidential campaigns, as reported by Microsoft and Google earlier this month, ahead of the November US presidential election. Meta’s blog post did not specify the targeted individuals but mentioned that the hackers appeared to focus on political and diplomatic officials, business figures, and other public figures, including some associated with both President Biden’s and former President Trump’s administrations. The targeted individuals were located in Israel, the Palestinian territories, Iran, the United States, and the United Kingdom.
According to NBC News, both the US government and Google have confirmed that a cyberespionage group associated with Iran’s Islamic Revolutionary Guard Corps has attempted to target the presidential campaigns of both major parties. The hacking group successfully breached former President Trump’s campaign, while Kamala Harris’s campaign remained unaffected.