Meta has dismantled a "small cluster" of WhatsApp accounts belonging to Iranian state-sponsored threat operation APT42 that are believed to have been leveraged for social engineering efforts against the upcoming U.S. elections, reports CyberScoop.
The attacks used accounts spoofing Microsoft, Google, Yahoo, and AOL IT support to target other WhatsApp accounts belonging to individuals in the U.S., Iran, Israel, Palestine, and the UK, according to Meta researchers. "This effort appeared to have focused on political and diplomatic officials, and other public figures, including some associated with administrations of President Biden and former President Trump," said Meta, which emphasized the absence of evidence suggesting a successful compromise. The development comes days after the FBI, the Cybersecurity and Infrastructure Security Agency, and the Office of the Director of National Intelligence confirmed that APT42's hack-and-leak attack against the campaign of former President Donald Trump was associated with the attempted spearphishing attack reported by Microsoft and Google.