Meta blocks suspicious activity linked to Iranian hacker group APT42, targeting political figures from Biden and Trump administrations
Meta, the parent company of Facebook, Instagram, and WhatsApp, reported on Friday that it had identified possible hacking attempts on the WhatsApp accounts of U.S. officials from the administrations of both President Joe Biden and former President Donald Trump. The company linked the activity to the same Iranian hacker group, APT42, which was previously implicated in compromising the Trump campaign.
In a blog post, Meta described the incident as a “small cluster of likely social engineering activity” on WhatsApp, with hackers posing as technical support for services like AOL, Google, Yahoo, and Microsoft. The accounts were blocked after users flagged the suspicious activity, and Meta stated that no evidence suggested the targeted WhatsApp accounts had been compromised.
APT42, widely believed to be connected to an intelligence division within Iran’s military, is known for deploying surveillance software on victims’ mobile phones. This software can record calls, steal text messages, and remotely activate cameras and microphones. Meta also linked this group’s recent activity to efforts to breach U.S. presidential campaigns, as reported by Microsoft and Google earlier this month.
Although Meta did not disclose the names of the targeted individuals, the blog post noted that the hackers appeared to focus on political and diplomatic officials, business figures, and other public personalities associated with the administrations of President Biden and former President Trump. The targeted figures were located in Israel, the Palestinian territories, Iran, the United States, and the United Kingdom.
