After Microsoft’s warning, Google has now alerted that Iranian hackers are targeting the upcoming US presidential election. According to Google’s latest intelligence, a group called APT42, linked to the Islamic Revolutionary Guard Corps (IRGC), is behind these threats. Over the past six months, 60% of APT42’s cyber activities have been focused on Israel and the US, using phishing and social engineering tactics to compromise Gmail accounts, especially those of high-profile individuals.
APT42 has targeted sectors like military, defense, diplomacy, academia, and civil society, stealing credentials through phishing. In the US, they have focused on the Trump and Biden campaigns, targeting the personal email accounts of former government officials and campaign staff. Despite ongoing countermeasures, APT42 continues to attempt, albeit unsuccessfully, to breach accounts linked to President Biden, Vice-President Kamala Harris, and former President Donald Trump.
Google has noted that APT42 uses sophisticated tactics, including spoofing two-factor authentication (2FA) prompts to appear legitimate. In response, Google recommends high-risk individuals, such as elected officials, candidates, campaign workers, journalists, and government officials, enroll in its Advanced Protection Program to safeguard against such attacks.
As the US presidential election approaches, the risk of cyber threats from groups like APT42 is expected to remain high, making enhanced security measures essential.
