On Friday, Meta Platforms became the latest in a line of tech giants—following in the footsteps of Microsoft, Google, and OpenAI—to expose the covert maneuvers of an Iranian state-aligned cyber adversary. This group, operating through a network of WhatsApp accounts, sought to compromise individuals spanning Israel, Palestine, Iran, the U.K., and the U.S.
This particular set of activities, emanating from Iranian soil, appeared to zero in on political and diplomatic figures, including individuals tied to both the Biden and Trump administrations, according to Meta’s disclosures.
Meta identified this cyber entity as APT42, a nation-state actor also recognized under several aliases: Charming Kitten, Damselfly, Mint Sandstorm (formerly Phosphorus), TA453, and Yellow Garuda. This group is suspected of having affiliations with Iran’s Islamic Revolutionary Guard Corps (IRGC).
Renowned for deploying intricate social engineering schemes, this threat actor often engages in spear-phishing campaigns designed to infect targets of interest with malware and exfiltrate their credentials. Proofpoint recently uncovered that this cyber collective targeted a prominent Jewish figure, attempting to infiltrate their device with a malware strain known as AnvilEcho.
Meta noted that this “small cluster” of WhatsApp accounts impersonated technical support for major tech companies like AOL, Google, Yahoo, and Microsoft. However, it appears these efforts largely fell short of their objectives, as the accounts have since been terminated.
“We have not observed any evidence indicating that their accounts were compromised,” Meta, the parent company of Facebook, Instagram, and WhatsApp, stated. “We have advised those who brought this to our attention to enhance the security of their online accounts across the digital landscape.”
This revelation follows the U.S. government’s formal accusation against Iran, alleging that the nation attempted to destabilize U.S. elections, fan the flames of division among the American populace, and undermine confidence in the electoral process through the amplification of propaganda and the gathering of political intelligence.