Iran’s APT42 Targets WhatsApp Users With Spear-Phishing Attacks



Spear Phishing Bigger ProblemResearchers at Meta have published details on Iranian spear-phishing attacks targeting WhatsApp accounts. The activity is attributed to APT42, a threat actor tied to Iran’s Islamic Revolutionary Guard Corps (IRGC). 

The threat actor is targeting WhatsApp accounts belonging to individuals in Israel, Palestine, Iran, the United States, and the UK, focusing on “political and diplomatic officials, and other public figures, including some associated with administrations of President Biden and former President Trump.”

APT42 uses well-known social engineering techniques to compromise its victims. In this case, the threat actor impersonated tech support employees at major companies.

“These accounts posed as technical support for AOL, Google, Yahoo, and Microsoft,” Meta says. “Some of the people targeted by APT42 reported these suspicious messages to WhatsApp using our in-app reporting tools. Those reported messages enabled us to investigate this latest campaign and link it to the same hacking group responsible for similar attempts aimed at political, military, diplomatic and other officials, as reported by our industry peers at Microsoft and Google.”

The researchers add that there’s no evidence that the threat actor succeeded in compromising any accounts, but WhatsApp users should remain on the lookout. 

“The vigilance of these users to report the messages to us suggests that these efforts were unsuccessful,” Meta says. “We have not seen evidence that their accounts were compromised. We have encouraged those who reported to us to take steps to ensure their online accounts are safe across the internet.

Out of an abundance of caution and given the heightened threat environment ahead of the US election, we also shared information about this malicious activity with law enforcement and with the presidential campaigns to encourage them to stay cautious against potential adversarial targeting.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Meta has the story.


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews