Google issued warning against the Iranian Hackers

Google has issued a warning about an Iran-backed hacking group targeting US presidential election campaigns

The group, known as APT42, has been linked to Iran’s Islamic Revolutionary Guard Corps and has consistently targeted high-profile users in the US and Israel. According to Google’s Threat Analysis Group, APT42 uses various tactics, including email phishing campaigns, to compromise the personal accounts of individuals affiliated with political campaigns and government officials. Google has confirmed that there have been failed attempts by APT42 to compromise the personal accounts of individuals associated with President Joe Biden, Vice President Kamala Harris, and former President Donald Trump. The company notes that APT42 is a sophisticated and persistent threat actor that shows no signs of stopping its attempts to target users and deploy novel tactics.

Multiple phishing campaigns under APT42 involve hosting malware, phishing pages, and malicious redirects, often abusing services such as Google Drive, Dropbox, and OneDrive. Google has informed campaign officials about the heightened malicious activity from foreign state actors and underscored the importance of enhanced account security protections on personal email accounts. The warning comes as hackers and threat actors often increase their activity ahead of significant political events. Google’s blog post highlights the need for vigilance and robust security measures to protect against these threats. The company’s Threat Analysis Group is working to disrupt APT42’s activities and protect users from their phishing campaigns.