Iran-linked hacking group targeted emails of individuals from Biden and Trump campaigns
An organization linked with Iran aimed at the personal email accounts of “approximately a dozen” individuals tied to the Trump and Biden campaigns, including current and former U.S. government officials, as stated in a Google report published on Wednesday.
“Throughout May and June, APT42 targets included the personal email accounts of around a dozen individuals connected with President Biden and former President Trump, along with current and former officials in the U.S. government and individuals related to the respective campaigns. We blocked numerous APT42 attempts to access the personal email accounts of targeted individuals,” the report mentioned, referring to a hacking group linked with Iran’s Islamic Revolutionary Guard Corps (IRGC).
As per Google, the organization has primarily focused on users in Israel and the United States, including some who are high profile.
“Recent public reports indicate that APT42 has successfully penetrated accounts across multiple email providers,” as per the report. “We observed that the group managed to gain access to the personal Gmail account of a prominent political advisor. Along with our usual actions of promptly securing any compromised account and sending government-backed attacker alerts to the targeted accounts, we proactively reported this malicious activity to law enforcement in early July and are currently collaborating with them.”
The company notified campaign officials that they detected “increased malicious activity originating from foreign state actors and emphasized the importance of enhanced account security measures on personal email accounts.”
The report is the most recent from a major technology company cautioning about malicious Iranian activities during this election season.
Microsoft recently alerted that Iranians were targeting an undisclosed campaign official from a presidential campaign, among other disinformation campaigns they were conducting.
MORE: US says it’s preparing for ‘significant’ Iran attack on Israel as early as ‘this week’
The FBI previously confirmed they were looking into the hack on the Trump campaign, and sources indicated that they were also investigating the attempted hack on the Biden campaign.
Israeli officials have also been targeted.
“APT42 tried to use social engineering to target former senior Israeli military officials and an aerospace executive by sending emails pretending to be a journalist seeking comment on recent air strikes,” as per Google. “They also sent social engineering emails to Israeli diplomats, academics, NGOs, and political entities. The emails were sent from accounts hosted by various email service providers and did not contain harmful content.”
They have also utilized fake petitions from legitimate organizations to carry out phishing attacks.
“APT42 is a sophisticated, persistent threat actor and they show no signs of stopping their attempts to target users and deploy novel tactics,” according to Google. “This spring and summer, they have shown the ability to run numerous simultaneous phishing campaigns, particularly focused on Israel and the U.S. As hostilities between Iran and Israel intensify, we can expect to see increased campaigns there from APT42.”