There is meta WhatsApp has blocked their accounts engages in “a small group of suspected social engineering activities” in the service. In his report, he revealed that he traced his activities to APT42 (called UNC788 and Mint Sandstorm), which the FBI previously linked to a phishing campaign targeting members of the Trump and Harris camps. The company said the suspicious activity on WhatsApp “attempted to target individuals in Israel, Palestine, Iran, the United States and the United Kingdom.” It also targeted political and diplomatic officials, including those associated with both presidential candidates.
Bad actors on WhatsApp posed as tech support representatives from AOL, Google, Yahoo and Microsoft, although Meta did not disclose how they attempted to compromise their targets’ accounts. Some of these targets tipped off the company about the activity, prompting it to launch an investigation. Meta said it believes the criminals’ efforts were unsuccessful and has seen no evidence that the targets’ accounts have been compromised. However, it reported malicious activity to law enforcement and shared information with both presidential campaigns.
Earlier this month, Google also published a report detailing how APT42 has been targeting high-profile users in Israel and the US for years. The company said it had observed “unsuccessful attempts” to take over the accounts of individuals associated with President Biden, Vice President Harris and former President Trump. Although Google called APT42’s attacks “failed,” the group successfully infiltrated the account of at least one high-profile victim: Roger Stone, a close political confidant of Trump. The FBI previously said he was the victim of phishing emails sent by Iranian hackers, who then used his account to send more phishing emails to his contacts.