Meta Platforms has disrupted efforts by Iranian hackers linked to the Islamic Revolutionary Guard Corps, aimed at influencing the 2024 U.S. presidential election. Known as APT42, these hackers targeted individuals linked to President Joe Biden and former President Donald Trump by pretending to offer tech support.
Social Engineering Tactics Unveiled
The hackers used social engineering tactics, pretending to be tech support from firms like AOL, Google, Yahoo, and Microsoft. Their goal was to trick targets into revealing sensitive information, notably account passwords. Meta acted after users reported suspicious messages on WhatsApp, which were flagged through the platform's reporting tools.
Meta shared information about compromised accounts with law enforcement and other tech firms. Both Microsoft and Google have reported similar phishing attempts aimed at individuals associated with Trump, Biden, and Vice President Kamala Harris. The U.S. government has confirmed that Iran has attempted to breach both Republican and Democratic campaigns to influence the election.
Historical Context and Broader Targeting
APT42 is known for targeting political and diplomatic figures, business leaders, and public personalities across countries such as Israel, Palestine, Iran, the U.S., and the U.K. Their operations often focus on perceived adversaries, dissidents, human rights advocates, and journalists. Meta's research has previously detailed APT42's activities against military personnel, dissidents, and activists in the Middle East, as well as politicians and scholars in the U.S.
The Office of the Director of National Intelligence, the FBI, and CISA have noticed increased Iranian influence operations this election cycle. Meta's response is part of a larger effort to combat state-sponsored cyber threats. The company remains vigilant in monitoring and addressing malicious activities to protect the electoral process.
Meta advises public figures, journalists, and political campaigns to stay alert. The company recommends using robust privacy and security settings, avoiding unknown contacts, and reporting any suspicious interactions to safeguard against adversarial targeting as the election approaches.
Meta's CrowdTangle Shutdown
Meta is already playing a role in security during the elections after choosing to close its CrowdTangle feature this month. The decision has sparked extensive criticism from academics, politicians, and regulators, especially with the U.S. elections fast approaching. Meta's announcement in March to shut down CrowdTangle by August 14 and has now fulfilled that plan.
Meta proposes replacing CrowdTangle with the Meta Content Library (MCL) and Content Library API, which aim to offer broad access to public content archives on Facebook and Instagram. However, academics have raised doubts about the efficacy of this new system. The European Commission is also probing the decision and questioning Meta's planned CrowdTangle replacement.