Hackers linked to the APT42 group targeted US presidential campaigns, according to a Google report. (seksan Mongkhonkhamsao/Getty Images)
- Google reported that Iranian hackers, associated with the
group “APT42” linked to Iran’s Islamic Revolutionary Guard Corps,
targeted the US presidential campaigns of Kamala Harris and Donald Trump. - The hackers
employed phishing techniques to attempt to steal login information and have
been consistently targeting individuals affiliated with President Joe Biden,
Vice President Harris, and Donald Trump without success. - Google says it thwarted previous attempts by APT42
targeting the campaigns of Biden and Trump in 2020.
Google on Tuesday confirmed that hackers backed by Iran are
targeting the campaigns of US presidential rivals Kamala Harris and Donald
Trump.
A hacker group known as “APT42” linked to Iran’s
Islamic Revolutionary Guard Corps went after high-profile individuals and organisations
in Israel and the United States, including government officials and political
campaigns, according to a threat report released by Google.
Democratic presidential candidate Kamala Harris’s campaign
said Tuesday it had been targeted by foreign hackers, days after rival Donald
Trump’s campaign suggested that it had been hacked by Iran.
“In July, the campaign legal and security teams were
notified by the FBI that we were targeted by a foreign actor influence
operation,” a Harris campaign official told AFP.
“We have robust cybersecurity measures in place and are
not aware of any security breaches of our systems resulting from those
efforts.”
FOLLOW IT LIVE | DEVELOPING: Trump heads to North Carolina as allies push for messaging shift
Google’s threat analysis group continues to see unsuccessful
attempts from APT42 to compromise personal accounts of individuals affiliated
with President Joe Biden, Vice President Harris and Trump, the report said.
Phishing
The hacking group works by gleaning information about
targets and tailoring “phishing” efforts to dupe victims into
revealing log-in information for accounts like Gmail.
Examples given in the report included posing as a think tank
or other credible contact to lure victims to fake video meeting landing pages,
where log-in credentials are needed to take part.
While technical tools abound in hacker arsenals, some opt
for “social engineering” tactics that trick people into clicking on
booby-trapped links or logging in to realistic replicas of legitimate web
pages.
Google said it disrupted APT42 attempts to hack the
campaigns of Biden and Trump in 2020.
In May and June of this year, the Iranian hacker group’s
targets included personal email accounts of about a dozen people affiliated
with Biden or Trump and Google blocked numerous attempts by APT42 to log in to
their accounts, according to the report.
Google also reported that the group got into the personal
Gmail account of an influential political consultant.
“APT42 is a sophisticated, persistent threat actor and
they show no signs of stopping their attempts to target users and deploy novel
tactics,” Google said.
“This spring and summer, they have shown the ability to
run numerous simultaneous phishing campaigns, particularly focused on Israel
and the United States.”
Google urged high-risk individuals associated with the
coming election to remain vigilant and to take advantage of ramped-up defences
offered by the internet firm.
The US State Department warned Iran on Monday of
consequences over election interference following the Trump campaign’s
announcement that it had been hacked.
The Trump campaign has suggested that Iran was behind the
breach, which resulted in private documents being sent to reporters, including
research the campaign used to vet running mate J.D. Vance.
It warned media outlets against reprinting the documents,
saying that such action would be “doing the bidding of America’s
enemies.”
The tone was different from 2016, when Trump said at a news
conference that he hoped Russia would “find” Hillary Clinton’s
emails, remarks widely viewed as encouraging further hacks of his election
opponent.
US intelligence concluded that Russia intervened in the 2016
election to support Trump, who has rejected the findings.
