Google's Threat Team Reports Iranian Targeting of US Political Campaigns

Thursday, 15 August 2024, 18:26
Google confirms Iranian-backed APT42 targeting Trump, Biden, and Harris campaigns. This group is exploiting various methods to breach security across major platforms.
Ars Technica
Google's Threat Team Reports Iranian Targeting of US Political Campaigns

Google Discovers Iranian Cyber Threats

Google's Threat Analysis Group has confirmed that Iranian cyber actors, specifically APT42, are actively targeting Google accounts associated with significant US presidential campaigns, including Trump, Biden, and Harris. These attacks are part of a broader strategy to disrupt political processes using advanced tactics.

Methods of Attack

APT42 employs a variety of malicious techniques:

  • Hosted malware
  • Phishing pages
  • Malicious redirects

These methods aim to compromise cloud-based accounts on services like Google Drive and Dropbox.

Response from Google

In response, Google's TAG has reset compromised accounts, dispatched warnings, and blacklisted domains linked to phishing attempts initiated by APT42. According to reports, the Iranian group even fabricated Google Sites pages masquerading as petitions from genuine activists, leading users to phishing sites.

This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.

Related posts

Newsletter

Subscribe to our newsletter for the most reliable and up-to-date tech news. Stay informed and elevate your tech expertise effortlessly.

Subscribe