A hacking group associated with the Iranian government attempted to infiltrate the email accounts of staff members involved in U.S. presidential campaigns as part of a broader effort to gather intelligence before the U.S. election, Microsoft Corp. announced on Friday.
In June, attackers linked to the Islamic Revolutionary Guard Corps used a compromised email account belonging to a former political adviser in an attempt to phish a high-ranking official from a presidential campaign, according to findings from Microsoft’s Threat Analysis Center. The group, identified by Microsoft as Mint Sandstorm, also made an unsuccessful attempt to access the account of a former presidential candidate. The report did not disclose the names of the targets.
Additionally, the report highlighted that other Iranian groups are using artificial intelligence to create and disseminate content online that insults former President Donald Trump and to produce inflammatory posts on contentious issues such as gender reassignment surgery.
Microsoft researchers further noted that Iranian groups, historically involved in efforts to undermine trust in the electoral system, have been preparing since March to launch influence operations. These operations use websites filled with fabricated and plagiarized content to amplify polarizing political messages on topics such as presidential candidates and the Israel-Hamas conflict.
These findings provide further evidence that foreign governments are engaging in covert activities ahead of the U.S. elections in November. In July, American intelligence officials warned that Russia, China, and Iran were recruiting individuals within the U.S. to spread propaganda. An Iranian government representative denied these allegations.
In 2020, Iranian operatives impersonated members of the right-wing Proud Boys group as part of a voter intimidation effort, leading to charges against two men. That same year, Iranian hackers breached a website used by a U.S. municipal government to publish election results, though they were caught before executing any malicious actions, according to U.S. cybersecurity officials.
Nation-state hackers have long targeted American political campaigns through email attacks, such as the 2016 Russian hack in which a state-sponsored group ultimately leaked internal emails from Hillary Clinton’s staffers.
On Wednesday, the U.S. State Department identified six alleged Iranian hackers accused of compromising industrial control systems used by American public utilities.
The Iranian government did not immediately respond to requests for comment.