© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

Meta disrupts cyber espionage campaign linked to Iranian hacking group on WhatsApp


Meta’s security team has blocked a limited number of WhatsApp accounts posing as support agents for tech companies.

An investigation showed that these accounts were linked to an Iranian hacking group called APT42. The group is infamous for its persistent phishing campaigns across the internet, targeting political and diplomatic officials, as well as other public figures.

In the past, APT42, also known as UNC788 and Mint Sandstorm, has attempted to direct its malicious activities against targets in Israel, Palestine, Iran, the United States, and the United Kingdom, including people associated with both President Biden and former President Donald Trump. This was recently confirmed by Microsoft’s Threat Intelligence Team and Google.

According to Meta, the Iranian hacking group deploys basic phishing tactics to steal login credentials. To do that, the hackers pretend to be technical support employees for tech companies like AOL, Google, Yahoo, and Microsoft. So far, they have targeted people living in the Middle East and the United States, including the Saudi military, dissidents, human rights activists, politicians, scientists, and journalists.

These threat actors often rely on WhatsApp to swipe login credentials. Some of the targeted people reported suspicious messages to Meta, which then investigated the matter. The Menlo Park-based company saw evidence that those accounts were compromised and decided to block a small number of them. It also shared information about the malicious activities with law enforcement agencies and the presidential campaigns.

“We continue to monitor information coming from our industry peers, our own investigations, and user reports and will take action if we detect further attempts by malicious actors to target people on our apps,” Meta says in a blog post.

The owner of Facebook, Instagram, and WhatsApp strongly recommends that public figures, journalists, and political candidates remain vigilant, avoid engaging with people they don’t know, and report suspicious activities to the company.

“As a reminder, cyber espionage actors typically target people across the internet to collect intelligence, manipulate them into revealing information, and compromise their devices and accounts. When we disrupt these operations, we take down their accounts, block their domains from being shared on our platform, and notify people who we believe were targeted by these malicious groups,” Meta states.

