Microsoft: Iran-aligned hackers targeted 'high-ranking official' in US presidential campaign

Microsoft says Iranian group is linked to the Islamic Revolutionary Guard Corps

A group of hackers aligned with Iran’s Islamic Revolutionary Guard Corps have targeted a "high-ranking official" inside a U.S. presidential campaign ahead of this November’s election, Microsoft has revealed. 

The technology company says the alleged incident is part of a wave of activity "we’ve been tracking that increasingly points to Iran’s intent to influence" the race. 

Microsoft wrote on its blog that the Iranian group linked to the IRGC "sent a spear phishing email in June to a high-ranking official on a presidential campaign from the compromised email account of a former senior advisor." 

"The email contained a link that would direct traffic through a domain controlled by the group before routing to the website of the provided link. Within days of this activity, the same group unsuccessfully attempted to log into an account belonging to a former presidential candidate," it added. "We’ve since notified those targeted." 

SECURITY FIRM EXPERIENCING NIGHTMARE AFTER LEARNING REMOTE EMPLOYEE IS NORTH KOREAN HACKER 

Microsoft did not identify which campaign the target belonged to, but at that time, President Biden was running for re-election against former President Trump and Vice President Harris had yet to enter the race. 

Representatives for the Biden, Trump and Kennedy campaigns did not immediately respond Friday to requests for comment from FOX Business. A Harris campaign official tells FOX Business that the campaign has not been notified by Microsoft of any campaign accounts having been targeted in this manner.

Ticker Security Last Change Change %
MSFT MICROSOFT CORP. 415.76 +0.76 +0.18%

A separate Iranian group has managed though to infiltrate the account of a county-level government employee in a swing state, according to Microsoft. 

DEMOCRATS LAUNCH ‘CRYPTO FOR HARRIS’ CAMPAIGN TO COUNTER TRUMP’S INDUSTRY APPEAL 

"The compromise was part of a broader password spray operation and Microsoft Threat Intelligence did not observe the actor gain additional access beyond the single account, making it hard to discern the group’s ultimate objectives," it said. "Since early 2023, [that] group’s operations have focused on strategic intelligence collection particularly in satellite, defense, and health sectors with some targeting of U.S. government organizations, often in swing states." 

Microsoft also says that a third Iranian group has been launching bogus news websites aimed at American voters on both sides of the political spectrum. 

It described one of the sites as catering to left-leaning audiences – with insults of former President Trump – while another "claims to be a ‘trusted source for conservative news in the vibrant city of Savannah’ and focuses on topics including LGBTQ+ issues and gender reassignment." 

CLICK HERE TO READ MORE ON FOX BUSINESS        

"The evidence we found suggests the sites are using AI-enabled services to plagiarize at least some of their content from U.S. publications," Microsoft said, adding that "we share intelligence like this so voters, government institutions, candidates, parties, and others can be aware of influence campaigns and protect themselves from threats." 

Load more..