On Friday, Meta reported possible hacking attacks by Iranian actors on the WhatsApp accounts of US officials amid growing concerns about Tehran’s interference in the US election.
These officials are in contact with both President Joe Biden and former President Donald TrumpThe company traced these attempts to APT42, an Iranian hacking group widely believed to be linked to an intelligence branch of the Iranian military. The group has a history of conducting invasive surveillance operations, often targeting political figures and activists abroad.
According to Meta, the parent company of Facebook, Instagram and WhatsApp, the hacks were identified as part of a “small group of likely social engineering activities on WhatsApp.” The attackers reportedly posed as technical support staff from companies such as AOL, Google, Yahoo and Microsoft to gain unauthorized access. However, Meta quickly intervened and blocked the accounts after flagging them as suspicious. There is no evidence that WhatsApp accounts were specifically compromised.
Beginning of the monthMicrosoft and Google reported attempts to break into US presidential campaigns ahead of the November election. The hackers apparently focused their efforts on political and diplomatic officials, business leaders and other public figures in the US, Israel, the Palestinian territories and the UK.
Last week, U.S. intelligence agencies, including the FBI, the Office of the Director of National Intelligence, and the Cybersecurity and Infrastructure Security Agency (CISA), released a joint statement confirming the involvement of Iranian state actors in recent cyberattacks on former President Trump’s campaign. The statement highlighted an escalation of Iranian efforts to interfere in the current election cycle, particularly through influence operations and cyber activities aimed at compromising presidential campaigns of both political parties.
According to a Friday report from ReutersAPT42, also known as “Charming Kitten” in the cybersecurity community, is notorious for its sophisticated cyber espionage operations. The group has a well-documented history of installing surveillance software on its targets’ mobile phones, allowing them to record calls, steal text messages, and even remotely activate cameras and microphones. This invasive approach poses a significant threat, especially given the group’s focus on high-value targets in Washington and Israel.
Researchers at Mandiant, a leading U.S. cybersecurity firm, told Reuters about the physical dangers of APT42’s activities. There are documented cases where the group’s cyber surveillance preceded physical attacks on Iranian activists and protesters, some of whom were subsequently detained or threatened in Iran.
Tehran has consistently Participation refused involved in these cyber activities. In response to the recent US intelligence report attributing the hacking of the Trump campaign to Iranian state actors, the Iranian mission to the United Nations issued a statement last week calling the allegations “baseless and groundless.” It stressed that Iran had neither the intention nor the motive to interfere in the US presidential election and called on the US to provide concrete evidence of the alleged interference.
These developments appear to be part of a broader pattern of increasing Iranian cyber activity aimed at influencing the U.S. presidential election. Reports earlier this summer also suggested that Iran was hatching a plan to assassinate Trump, although Tehran has denied those allegations as well.
