According to researchers at Microsoft, hackers with ties to the Iranian government attempted to break into the account of a “high ranking official” on the U.S. presidential campaign in June.
No details were released on the official’s identity, but the researchers said that the breaches related to increasing attempts to influence the U.S. presidential election in November.
“Iranian actors have recently laid the groundwork for influence operations aimed at US audiences and potentially seeking to impact the 2024 US presidential election. This recent cyber-enabled influence activity arises from a combination of actors which are conducting initial cyber reconnaissance and seeding online personas and websites into the information space,” according to the Aug. 9 report.
The attempted breach occurred just weeks after the account of a county-level U.S. official was compromised, the report said.
“A group run by the Islamic Revolutionary Guard Corps (IRGC) intelligence unit sent a spear-phishing email to a high-ranking official of a presidential campaign,” and “another group with assessed links to the IRGC compromised a user account with minimal access permissions at a county-level government,” the report said.
U.S. Intelligence officials recently stated that Iran had been hard at work sowing political discord in the United States via the use of clandestine or ghost social media accounts. Iran has denied that such practices are taking place and said that any actions against the U.S. are purely defensive and do not involve cyber-attacks.
The report went on to say that the hackers’ activity also covered a wider scope, which involved gaining intelligence on U.S. political campaigns, which allowed Iranian groups to target political swing states in the U.S.
It also stated that the previous breach involving the county official, which happened in May, was part of a wider “password spray operation.” Such an operation involves the use of common or leaked passwords, which hackers use on multiple accounts until they find a match and break into one.
The report confirmed that no other accounts were compromised through the breach and that all other targeted officials were notified of the cyber attack.
Furthermore, another Iranian group also created fake news sites using AI, which took content from legitimate news sites and distributed the collected information to U.S. voters on opposite sides of the political spectrum, according to the researchers.
The report named two sites: Nio Thinker, a left-leaning site, and Savannah Time, a conservative site.
Upon review on Aug. 9, both websites’ “About Us” pages had similar formats but did not list any contact details.
Nio Thinker referred to itself as “your go-to destination for insightful, progressive news and analysis that challenges the status quo.”
Savannah Time said it is “a reflection of the values that make Savannah unique” and a place “where conservative values meet local insight.”
The Office of the Director of National Intelligence (ODNI) released a statement in late July in which it confirmed that Iranian groups had targeted the U.S. political campaign, specifically that of former President Donald Trump, to influence the upcoming election.
“The US intelligence community has observed Tehran working to influence the presidential election, probably because Iranian leaders want to avoid an outcome they perceive would increase tensions with the United States.”
Reuters contributed to this article