Biden and Trump administration accounts have been attacked by Iranian hackers

Meta announced that it has blocked a small cluster of WhatsApp accounts associated with Iranian-backed hackers that were posing as support agents and tech companies. The move came after the parent company of the messenger app, Facebook and Instagram, received reports from users alerting them to potential phishing campaigns.

The resulting investigation was able to link the suspicious activity to APT42 (also known as UNC788 and Mint Sandstorm), an Iranian threat actor that has persistently targeted diplomatic and political officials as well as public figures, some of which are associated with the administrations of both President Joe Biden and former President Donald Trump.

Biden and Trump administration accounts have been attacked by Iranian hackers

The announcement from Meta is just the most recent to reveal attempts by Iranian-backed hackers to gain access to individuals’ accounts in order to influence the 2024 US presidential campaign.

In recent weeks Google and Microsoft warned about Iranian hackers targeting both parties’ US presidential campaigns. The FBI also said that Iran was behind the “hack and leak” operation that targeted Roger Stone and tried to pawn stolen Trump campaign documents to the press.

Meta said in its statement that “the vigilance of these users to report the messages to us suggests that these efforts were unsuccessful. We have not seen evidence that their accounts were compromised.” The tech company made their findings public “out of an abundance of caution and given the heightened threat environment ahead of the US election.”

Furthermore, Meta has encouraged the campaigns to “stay cautious against potential adversarial targeting.” To those who reported the phishing scheme, which came from accounts posing as technical support for AOL, Google, Yahoo and Microsoft, the company has called on them to “take steps to ensure their online accounts are safe across the internet.”