Google confirmed on Tuesday that Iranian-backed hackers are targeting the US presidential campaigns of Kamala Harris and Donald Trump.
According to a Google threat report, a hacking group known as “APT42,” which is linked to Iran’s Islamic Revolutionary Guard Corps, has been focusing on high-profile individuals and organizations in Israel and the United States, including government officials and political campaigns.
The Harris campaign acknowledged the threat, stating that they were notified by the FBI in July about being targeted by a foreign influence operation.
Despite the attempts, they reported no successful breaches. Google’s analysis shows ongoing, unsuccessful efforts by APT42 to access personal accounts associated with President Biden, Vice President Harris, and Trump.
The hackers primarily use phishing techniques, pretending to be credible contacts to trick victims into revealing their login information.
For example, they might pose as representatives of think tanks and lure victims into entering credentials on fake video meeting pages.
Google disrupted similar attempts by APT42 to hack Biden and Trump’s campaigns during the 2020 election cycle.
In recent months, the group has tried to infiltrate personal email accounts of individuals connected to Biden and Trump, but Google’s security measures blocked these attempts.
The report also highlighted that APT42 successfully compromised the Gmail account of a prominent political consultant.
Google described APT42 as a sophisticated and persistent threat, capable of running multiple phishing campaigns simultaneously, particularly targeting Israel and the United States.
The company urged high-risk individuals involved in the upcoming election to stay vigilant and take advantage of enhanced security measures.
