MercoPress. South Atlantic News Agency

Iranian hackers target Trump and Harris' camps

Google singled out ATP42 to be behind the maneuvers

The Iranian State-backed hacking group APT42 has been targeting the campaign headquarters of the two main political parties in the United States, Google said.

“The personal email accounts of roughly a dozen individuals affiliated with President Biden and with former President Trump,” Google's Threat Analysis Group wrote Wednesday.

“In May and June, APT42 targeted the messaging accounts of a dozen people close to President Joe Biden and former President Donald Trump, including former and current US government officials and people associated with their respective campaigns,” the Google team analyzing online threats warned.

Although “numerous attempts by APT42 to connect to the personal messages of the individuals under attack” have been blocked, the threat is still ongoing, the Google specialists noted. The cybersecurity experts “continue to observe unsuccessful attempts by APT42 to compromise the accounts of people affiliated with President Joe Biden, Vice President Kamala Harris, and former President Donald Trump,” they insisted.

The cyberpirates were said to contact their targets by posing as journalists to then send “phishing” emails containing fake links with which they seek to gain access to their victims' accounts.

According to Google, APT42 is a group of hackers associated with the Islamic Revolutionary Guard Corps (IRGC). The group has also tried to infiltrate government and diplomatic officials both in the US and Israel, it was explained.

Campaign teams of Vice President Kamala Harris and former President Donald Trump have both acknowledged they had suffered cyber attacks from abroad. On Monday, the United States warned Iran that it would be exposed to retaliation if it tried to interfere in the presidential elections.

APT42 is an Iranian state-sponsored cyber espionage group tasked with collecting information on individuals and organizations of strategic interest to Tehran by using highly targeted spear-phishing and social engineering techniques designed to build trust and rapport with their victims to access their personal or corporate email accounts or to install Android malware on their mobile devices. In addition, APT42 infrequently uses Windows malware to complement their credential harvesting and surveillance efforts.