Meta has expressed concern about a small cluster of potentially malicious activity on its platform, which appears to be related to a social engineering exercise. According to the report, investigators have identified the source of the exercise as APT42, also known as UNC788 or Mint Sandstorm, which was previously linked by the FBI to a sophisticated phishing operation targeting individuals affiliated with both the Trump and Harris campaigns. According to the company's statement, suspicious activity was detected on WhatsApp that targeted individuals in specific countries, including Israel, Palestine, Iran, the United States, and the United Kingdom. The investigation further revealed that the exercise focused on political and diplomatic officials, including those affiliated with both presidential campaigns.
Malicious individuals posing as technical support agents from prominent tech companies like AOL, Google, Yahoo, and Microsoft deceived unsuspecting users on WhatsApp in an attempt to gain unauthorized access to their online accounts, using unknown methods. Some of the targets anonymously reported the suspicious activity to the company, prompting an internal investigation. Meta asserts that the attempted hacking efforts were ineffective, with no evidence suggesting that the targeted accounts have been breached. The company promptly reported the suspicious activity to law enforcement agencies and cooperated fully by sharing relevant information with both presidential campaigns.
Recently, Google published a report revealing that APT42 has been targeting prominent individuals in both Israel and the United States over an extended period. The company stated it detected “unfruitful attempts” to breach accounts linked to President Biden, Vice President Harris and former President Trump. Notably, while Google characterised APT42’s actions as “unsuccessful”, the group did successfully infiltrate at least one prominent target: Roger Stone, a longtime political ally of Trump. The FBI previously disclosed that Stone was compromised after falling victim to phishing emails sent by Iranian hackers, who subsequently used his account to distribute further phishing emails to his contacts.