APT42's Active Israel Phishing
Google is verifying recent accusations that APT42 has been targeting accounts related to the US presidential election
APT42, which is linked to Iran’s Islamic Revolutionary Guard Corps (IRGC), frequently targets prominent users in Israel and the United States
APT42 increased Israeli consumer targeting in April 2024. They targeted academics, NGOs, diplomats, and Israeli military and defence officials
In their email phishing efforts, APT42 employs a range of strategies, such as hosting malware, creating phishing pages, and using malicious redirects
TAG destroyed APT42's infrastructure by resetting stolen accounts, notifying targeted users of government-backed attacker warnings
Google removed several Google Sites set up by APT42 that purported to be a petition from the authentic Jewish Agency for Israel
The emails didn’t contain any malicious material, and they were sent from accounts housed by different email service providers
TAG discovered and stopped a tiny but consistent pattern of phishing attempts using APT42’s Cluster C credential
APT42 has been successful in breaching accounts with a number of different email providers
For more details Visit Govindhtech.com