An alleged Iranian-backed hacking group has increased its phishing campaigns targeting various individuals in Israel and the United States, especially those associated with the US presidential campaigns.
According to reports, APT42 is the threat group behind this surge of phishing attacks. The group gained notoriety after targeting former senior Israeli military officers, diplomats, academics, political institutions, and other individuals during the last six months.
Researchers have revealed that the hacking group is slowly but steadily increasing its credential phishing operation in the United States.
APT42 targeted the email accounts of people linked to the US presidential campaigns.
In May and June, the Iran-based threat group targeted the personal email accounts of a dozen individuals connected to the US presidential campaigns, regardless of party affiliation.
Researchers also revealed that APT42 employs advanced social engineering techniques, such as impersonating respectable individuals or organisations, including the Brookings Institution and the Institute for the Study of War, to gain its targets’ trust.
In one incident, the group attempted to target former senior Israeli military officials and an aerospace executive by impersonating a journalist and soliciting inquiries on recent airstrikes. The hackers’ initial emails frequently contained no hostile attachments and were intended to engage the recipients in discussion, convince them of the sender’s legitimacy and breach them gradually.
In another recent study, Microsoft warned that Iranian state-sponsored threat groups had improved their efforts to influence the upcoming US election, seeking to compromise the process and hack into the campaign of an unknown presidential contender, and creating fake news websites targeting conservative and liberal voters.
Google also claimed that it is still monitoring APT42’s attempts to hack the personal accounts of Vice President Kamala Harris, persons affiliated with both parties, and current and former government officials.
These attacks have resulted in US officials expressing their concern over Iran’s potential attempts to intervene in the US elections through cyberattacks, espionage and influence campaigns.
Therefore, cybersecurity providers, especially those in charge of the US elections, are expected to fortify defences to avoid unwanted events that could disrupt upcoming political events.