close
close

Google accuses Iranian group of trying to hack US presidential campaigns

Posted on by angelo
Google accuses Iranian group of trying to hack US presidential campaigns

NEW YORK –

Google announced Wednesday that an Iranian group linked to the Revolutionary Guards had attempted to infiltrate the personal email accounts of a dozen people linked to President Joe Biden and former President Donald Trump since May.

The tech company’s threat intelligence arm said the group was still actively targeting people associated with Biden, Trump and Vice President Kamala Harris, who replaced Biden as the Democratic nominee last month when he dropped out of the presidential race. It said those targeted included current and former government officials, as well as presidential campaign affiliates.

A new report from Google’s threat intelligence group confirms and expands on a Microsoft report released Friday that revealed a suspected Iranian hack into this year’s U.S. presidential election. It sheds light on how foreign adversaries are stepping up their efforts to disrupt the election that’s less than three months away.

According to Google’s report, its threat researchers have detected and disrupted a “low but steady cadence” of attacks by Iranian attackers using email credential phishing, a type of cyberattack in which the attacker impersonates a trusted sender to try to trick an email recipient into sharing their login information. John Hultquist, the company’s chief threat intelligence analyst, said the company sends suspected targets of these attacks a Gmail pop-up warning them that a government-backed attacker may be trying to steal their passwords.

According to the report, Google observed that the group had gained access to the personal Gmail account of a top political consultant. Google reported the incident to the FBI in July. Microsoft’s report released Friday shared similar information, noting that the email account of a former senior adviser to a presidential campaign was compromised and used as a weapon to send a phishing email to a senior campaign official.

The group is well-known to Google’s threat intelligence arm and other researchers, and this isn’t the first time it has tried to interfere in U.S. elections, Hultquist said. The report notes that the same Iranian group targeted the Biden and Trump campaigns with phishing attacks during the 2020 cycle, starting in June of that year.

The group has also conducted other cyber espionage activities, including in the Middle East, the report said. In recent months, as the war between Israel and Hamas has fueled tensions in the region, these activities have included launching email phishing campaigns targeting Israeli diplomats, academics, nongovernmental organizations and military affiliates.

Trump’s campaign claimed Saturday that its system had been hacked and sensitive internal documents stolen and distributed. It blamed Iranian actors for the attacks.

The same day, Politico revealed that it had received leaked internal Trump campaign documents via email, though it was unclear whether the leaked documents were related to alleged Iranian cyber activity. The Washington Post And The New York Times I also received the documents.

While the Trump campaign has not provided specific evidence linking Iran to the hack, Trump and his longtime friend and former adviser Roger Stone have both said they were contacted by Microsoft about alleged computer intrusions. Stone’s email was compromised by hackers targeting the Trump campaign, a person familiar with the matter said.

Google and Microsoft declined to identify the individuals targeted by the Iranian intrusion attempts or confirm that Stone was among them. Google confirmed that the Iranian group mentioned in its report, which it calls APT42, is the same one mentioned in Microsoft’s research. Microsoft refers to the group as Mint Sandstorm.

The Harris campaign declined to say whether it had identified any attempted intrusions at the state level, but said it was vigilantly monitoring cyber threats and was not aware of any security breaches in its systems.

The FBI confirmed Monday that it was investigating the Trump campaign intrusion. Two people familiar with the matter said the FBI was also investigating attempts to access the Biden-Harris campaign.

The reports of Iranian hacks come as U.S. intelligence agencies have warned of persistent and growing efforts by Russia and Iran to influence U.S. elections through their online activities. Beyond these hacking incidents, groups linked to these countries have used fake news sites and social media accounts to produce content that appears designed to influence voters’ opinions.

While neither Microsoft nor Google have elaborated on Iran’s intentions in the U.S. presidential race, U.S. officials have previously suggested that Iran is particularly opposed to Trump. U.S. officials have also expressed concern about Tehran’s efforts to seek retaliation for a 2020 strike against an Iranian general ordered by Trump.

The Iranian mission to the United Nations, asked about the Trump campaign’s allegations, denied any involvement.

“We do not believe this information,” the mission told The Associated Press. “The Iranian government has no intention or motive to interfere in the U.S. presidential election.”

The mission did not immediately respond to a request for comment Wednesday on Google’s report.