Meta said Friday that it blocked a “small cluster” of WhatsApp accounts linked to an Iranian hacking group that was targeting officials related to President Joe Biden and former President Donald Trump.
The corporate said in a blog post that the bogus WhatsApp accounts appeared to originate from the Iranian threat actor dubbed APT42, which other tech firms like Google previously described as an “Iranian state-sponsored cyber espionage actor.” The group has targeted various activists, non-government organizations, media outlets and others.
Meta said the scheme was intended to take advantage of “political and diplomatic officials, and other public figures, including some related to administrations of President Biden and former President Trump.” The campaign also targeted people in Israel, Palestine, Iran and the U.K.
With lower than 75 days until the November election, Meta is attracting increased public attention attributable to ways in which Facebook has been exploited and manipulated within the two prior presidential campaigns. The corporate said it hasn’t seen any evidence that the accounts of any WhatsApp users were compromised, and it’s sharing more information with “law enforcement and our industry peers.”
Meta said its security team was capable of spot APT42’s involvement after analyzing suspicious messages that an unspecified variety of users reported receiving from the fraudulent WhatsApp accounts.
“These accounts posed as technical support for AOL, Google, Yahoo and Microsoft,” Meta said within the blog post. “A few of the people targeted by APT42 reported these suspicious messages to WhatsApp using our in-app reporting tools.”
The Trump campaign said earlier this month that a foreign actor had compromised its network and illegally obtained internal communications. Microsoft also said on the time that it identified several Iranian hacking groups that were attempting to influence the U.S. presidential election, and that a gaggle  affiliated with APT42 “sent a spear phishing email in June to a high-ranking official on a presidential campaign from the compromised email account of a former senior advisor.”
In 2019, Microsoft said it had identified several hackers linked to the Iranian government who were believed to have targeted an unspecified U.S. presidential campaign along with other government officials and media.
WATCH: Big Tech: too big to separate
