Google says it has found Iranian hackers hitting top US presidential election targets

News
By published

Google releases intelligence on Iranian attacks against US election campaigns

Google's Mountain View headquarters
(Image credit: Shutterstock / Michael Vi)

Google has issued a warning about Iranian threat actors targeting the US presidential elections.

Following earlier research from Microsoft lifting the lid on similar threats, Google has now published an intelligence report showing that a threat actor tracked as APT42 has targeted a number of organizations related to the US presidential election.

The report claims 60% of the attacks from APT42 have targeted Israel and the US over the past six months, including phishing attacks and social engineering to compromise Gmail accounts of high-profile individuals.

APT42 targeting US elections

APT42 has connections to the Islamic Revolutionary Guard Corps (IRGC), and has launched a number of social engineering campaigns using fake pages that disguise themselves as the Jewish Agency for Israel calling for a ceasefire. APT42 has also targeted a number of military, defense, diplomatic, academic, and civil targets with phishing campaigns for credential theft.

In the US however, APT42 has targeted both the Trump and Biden campaigns in phishing attacks aimed at the personal email accounts of many former US government and campaign officials. Several of these attacks were successful, including one against a high-profile political consultant.

These phishing campaigns have not ceased, and Google states that it is seeing continued unsuccessful attacks against individuals related to President Biden, Vice-President Kamala Harris, and former president Donald Trump.

APT42 has been observed using tactics such as identifying accounts that use Device Prompts for two-factor authentication, and then use login or account recovery attempts spoofed to appear in the same geographic location alongside their credentials to appear as an authentic second factor prompt.

Google recommends high-risk individuals, including elected officials, candidates, campaign workers, journalists, election workers, government officials, should sign up to Google’s Advanced Protection Program, which provides free additional protection measures against phishing and unauthorized access.

More from TechRadar Pro

TOPICS
Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

Read more
A hand reaching out to touch a futuristic rendering of an AI processor.
Google says Gemini is being misused to launch major cyberattacks
QR Code
Hackers are targeting Signal with new QR code-linked cyberattack
China
Microsoft says Chinese Silk Typhoon hackers are targeting cloud and IT apps to steal business data
Flags of Iran, China, Russia and North Korea on a wall. China North Korea Iran Russia alliance
Cybercrime is helping fund rogue nations across the world - and it's only going to get worse, Google warns
Hook on Keyboard
Fake DocuSign and HubSpot phishing emails target 20,000 Microsoft Azure accounts
Fraude en ligne phishing
Google Search ads are being hacked to steal account info
Latest in Pro
Squarespace
Build a website for less with 10% off Squarespace subscriptions
UK Prime Minister Sir Kier Starmer
UK PM says AI should soon replace civil servants
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Ransomware
Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
An image of network security icons for a network encircling a digital blue earth.
Why effective cybersecurity is a team effort
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Meta warns of worrying security flaw hitting open source type software
Latest in News
A graphic of the PC Gaming Show
Get ready for a bounty of PC games on June 8, as the PC Gaming show is back
A smartphone on a sofa showing the WhatsApp, Telegram and Signal apps
Forget AI – WhatsApp is planning a simple messages feature that could be its most useful upgrade in years
NordicTrack Ultra 1
The new NordicTrack Ultra 1 treadmill looks like it was designed by an architect and costs $15,000
An Nvidia GeForce RTX 5070
Nvidia RTX 5080 stock is so barren that retailers are holding competitions where you can "win" the right to buy one for MSRP
Assassin's Creed Shadows
Ubisoft shareholder accuses publisher of 'misleading investors', plans protest outside Paris HQ
Google Gemini AI logo on a smartphone with Google background
I made an AI version of Bilbo Baggins using Goggle Gemini for free, and shared a pipe with him outside Bag End – here’s what you can now do with Gems
More about pro
Ransomware

Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
Hand holding smartphone and scan fingerprint biometric identity for unlock her mobile phone

Biometrics add another layer of security to passwordless authentication
Global Special Forces server

AI server designed for Chinese military use wins major global design award in Europe
See more latest
Most Popular
Global Special Forces server
AI server designed for Chinese military use wins major global design award in Europe
Ransomware
Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
A smartphone on a sofa showing the WhatsApp, Telegram and Signal apps
Forget AI – WhatsApp is planning a simple messages feature that could be its most useful upgrade in years
A graphic of the PC Gaming Show
Get ready for a bounty of PC games on June 8, as the PC Gaming show is back
Hand holding smartphone and scan fingerprint biometric identity for unlock her mobile phone
Biometrics add another layer of security to passwordless authentication
An Nvidia GeForce RTX 5070
Nvidia RTX 5080 stock is so barren that retailers are holding competitions where you can "win" the right to buy one for MSRP
Assassin's Creed Shadows
Ubisoft shareholder accuses publisher of 'misleading investors', plans protest outside Paris HQ
Gemini 2.0
Gemini Deep Research just got even smarter and it’s now free for everyone to try - here's why you should give it a go
Google Gemini AI logo on a smartphone with Google background
I made an AI version of Bilbo Baggins using Goggle Gemini for free, and shared a pipe with him outside Bag End – here’s what you can now do with Gems
Google Gemini with Search history access. Image says "Get help from AI that gets you"
Google just gave Gemini a superpower by allowing it to access your Search history - here's why I'm excited and also a little terrified