Microsoft researchers report Iran hackers targeting US officials before election

The hackers weren’t able to access any other accounts through that breach and the targets were notified, the report added. (AFP/File)
Short Url
  • Breaches appear to be part of a broader, coordinated campaign that also involves covert social media accounts, news site
  • ‘US presidential election is matter in which Iran does not interfere,’ Tehran mission to UN says

WASHINGTON: Microsoft researchers said on Friday that Iran government-tied hackers tried breaking into the account of a “high ranking official” on the US presidential campaign in June, weeks after breaching the account of a county-level US official.
The breaches were part of Iranian groups’ increasing attempts to influence the US presidential election in November, the researchers said in a report that did not provide any further detail on the “official” in question.
The report follows recent statements by senior US Intelligence officials that they’d seen Iran ramp up use of clandestine social media accounts with the aim to use them to try to sow political discord in the United States.
Iran’s mission to the United Nations in New York told Reuters in a statement that its cyber capabilities were “defensive and proportionate to the threats it faces” and that it had no plans to launch cyberattacks. “The US presidential election is an internal matter in which Iran does not interfere,” the mission added in response to the allegations in the Microsoft report.
“A group run by the Islamic Revolutionary Guard Corps (IRGC) intelligence unit sent a spear-phishing email to a high-ranking official of a presidential campaign” and “another group with assessed links to the IRGC compromised a user account with minimal access permissions at a county-level government,” the report said.
It said the activity appeared part of a broader push by Iranian groups to gain intelligence on US political campaigns and target US swing states. It said the county employee’s account was breached in May as part of a wider “password spray operation” — one where hackers use common or leaked passwords en masse on many accounts until they can break into one.
The hackers weren’t able to access any other accounts through that breach and the targets were notified, the report added.
The researchers also said another Iranian group had been launching “covert” news sites that used artificial intelligence to lift content from legitimate news sites, and targeted US voters on opposite sides of the political spectrum. It named the two sites as Nio Thinker — a left-leaning site — and a conservative site called Savannah Time.
When browsed on Friday, both websites had similar formats on their ‘About Us’ page, and neither listed any contact detail. Nio Thinker calls itself “your go-to destination for insightful, progressive news and analysis that challenges the status quo,” while Savannah Time says it is “a reflection of the values that make Savannah unique” and a place “where conservative values meet local insight.”

The Yazidi nightmare
Ten years after the genocide, their torment continues

Enter


keywords