California (US): Meta, the parent company of Facebook, Instagram, and WhatsApp, has blocked several WhatsApp accounts linked to Iranian hackers posing as tech support agents. These hackers attempted phishing attacks on U.S. political and diplomatic officials, including individuals connected to President Joe Biden, Vice President Kamala Harris, and former President Donald Trump.
What Happened?
Meta’s security teams identified and blocked a small group of WhatsApp accounts that were part of a larger effort by hackers affiliated with Iran. These hackers pretended to be technical support for major companies like AOL, Google, Yahoo, and Microsoft, in an attempt to trick targets into revealing sensitive information, such as passwords.
The Bigger Picture
This recent activity is part of a broader pattern of Iranian cyber operations targeting the U.S. In a statement on August 19, the Office of the Director of National Intelligence, the FBI, and the cybersecurity agency CISA warned of Iran’s increased efforts to influence the upcoming U.S. presidential elections.
Meta has shared its findings with law enforcement and other tech companies. Although no evidence has been found that the targeted WhatsApp accounts were successfully compromised, Meta’s quick response highlights the ongoing threat posed by cyber operations from state-affiliated actors like APT42, an Iranian group known for its persistent phishing campaigns.
Global Impact
The malicious activity originating in Iran has also targeted individuals in Israel, Palestine, Iran, the United States, and the UK. Meta has been proactive in identifying and blocking these threats, continuing to investigate and protect users from such attacks.
Meta’s statement on August 23 emphasized that the company will remain vigilant in defending its platforms against these and other threats, working closely with global partners to ensure user safety.
TECH READ | Regulators pressure Musk’s X over default AI data harvesting