Google Disrupts Iranian Hacking Activity Targeting US Presidential Election

August 15, 2024 at 09:21AM

Google has disrupted an Iranian state-sponsored hacking campaign targeting individuals linked to the US elections. The campaign, attributed to APT42, targeted personal email accounts of former US officials and affiliates of President Biden and former President Trump. Google has proactively referred the activity to law enforcement and observed the use of phishing and account-compromise tactics.

Google has disrupted an Iranian state-sponsored hacking campaign targeting personal email accounts associated with the US elections.

The campaign, attributed to APT42, took place in May and June, targeting dozens of individuals, including former US government officials and individuals affiliated with President Biden and former President Trump’s election campaigns. Google has blocked numerous login attempts and referred the activity to law enforcement while continuing to cooperate with them.

The hacking involved phishing campaigns that included malicious links in emails and PDF attachments, as well as the use of social engineering to lure victims into video meetings and then sending them links to phishing pages. The threat actor abused popular services such as Google Sites, Google Meet, OneDrive, Dropbox, and Skype for phishing attacks, and also used legitimate attachments to encourage engagement on other platforms.

The APT42 phishing campaigns were supported by reconnaissance, and the threat actor is adept at targeting multi-factor authentication protections.

The group has been intensifying attacks against high-profile users in Israel, targeting individuals in the defense sector, diplomats, academics, and civil society, including NGOs and political entities. APT42 also impersonated organizations of interest to the targets of its phishing attacks.

Overall, APT42 is described as a sophisticated, persistent threat actor and has shown the ability to run numerous simultaneous phishing campaigns, particularly focused on Israel and the US, with the expectation of increased campaigns as hostilities between Iran and Israel intensify.
