(AFP) – Google on Tuesday confirmed that hackers backed by Iran are targeting the campaigns of U.S. presidential rivals Kamala Harris and Donald Trump. A hacker group known as “APT42,” linked to Iran’s Islamic Revolutionary Guard Corps, went after high-profile individuals and organizations in Israel and the United States, including government officials and political campaigns, according to a threat report released by Google.
Democratic presidential candidate Kamala Harris’s campaign said Tuesday it had been targeted by foreign hackers, just days after rival Donald Trump’s campaign suggested that it had been hacked by Iran. “In July, the campaign legal and security teams were notified by the FBI that we were targeted by a foreign actor influence operation,” a Harris campaign official told AFP. “We have robust cybersecurity measures in place and are not aware of any security breaches of our systems resulting from those efforts.”
Google’s threat analysis group continues to see unsuccessful attempts from APT42 to compromise personal accounts of individuals affiliated with President Joe Biden, Vice President Harris, and Trump, the report stated.
The hacking group operates by gleaning information about targets and tailoring “phishing” efforts to dupe victims into revealing login information for accounts like Gmail. Examples given in the report included posing as a think tank or other credible contact to lure victims to fake video meeting landing pages, where log-in credentials are needed to participate. While technical tools abound in hacker arsenals, some opt for “social engineering” tactics that trick people into clicking on booby-trapped links or logging in to realistic replicas of legitimate web pages.
Google stated that it disrupted APT42 attempts to hack the campaigns of Biden and Trump in 2020. In May and June of this year, the Iranian hacker group’s targets included personal email accounts of about a dozen people affiliated with Biden or Trump, and Google blocked numerous attempts by APT42 to log in to their accounts, according to the report. Google also reported that the group accessed the personal Gmail account of an influential political consultant.
“APT42 is a sophisticated, persistent threat actor, and they show no signs of stopping their attempts to target users and deploy novel tactics,” Google said. “This spring and summer, they have shown the ability to run numerous simultaneous phishing campaigns, particularly focused on Israel and the United States.”
Google urged high-risk individuals associated with the upcoming election to remain vigilant and to take advantage of ramped-up defenses offered by the internet firm. The U.S. State Department warned Iran on Monday of consequences over election interference, following the Trump campaign’s announcement that it had been hacked. The Trump campaign has suggested that Iran was behind the breach, which resulted in private documents being sent to reporters, including research the campaign used to vet running mate J.D. Vance.
It warned media outlets against reprinting the documents, stating that such action would be “doing the bidding of America’s enemies.” This tone was notably different from 2016, when Trump said at a news conference that he hoped Russia would “find” Hillary Clinton’s emails, remarks widely viewed as encouraging further hacks of his election opponent. U.S. intelligence concluded that Russia intervened in the 2016 election to support Trump, who has rejected the findings.
– Glenn CHAPMAN
© 2024 AFP
