Firing up #Irangate? Microsoft says US presidential campaign accounts targeted by Iran hackers

4 Oct, 2019 17:00 / Updated 5 years ago

A ‘threat group’ believed to originate in Iran has attacked some 241 email accounts, including some associated with a US presidential campaign and current and former US officials, according to Microsoft.

The hacking group, dubbed “Phosphorous,” used personal information gathered by researching the targets, including phone numbers, to game password reset and account recovery features and gain entry into their email accounts, Microsoft reported on Friday.

While the attacks were “not technically sophisticated,” they still managed to compromise four of the targeted accounts - though not, Microsoft stressed, any of those associated with presidential campaigns or government officials.

Also on rt.com Pompeo claims Iran is transferring oil off Syrian coast, calls for international response if cargo is delivered to Damascus

Between August and September, Phosphorous made over 2,700 attempts to identify targets’ email accounts and then attacked 241 of them, Microsoft claims. In addition to government figures, they went after journalists and prominent Iranian expats. The amount of personal information used suggests the hackers are “highly motivated and willing to invest significant time and resources” gathering information, the company warned.

Microsoft believes Phosphorous is connected to the Iranian government, though the company did not explain how it reached that conclusion, and that they are operating from within Iran.

Also on rt.com Iran says it foiled ASSASSINATION plot against elite Quds brigade commander Soleimani

The company also took the opportunity to advertise its AccountGuard software, which monitors sign-in efforts and password resets, and its “Defending Democracy Program,” including ElectionGuard - a “cybersecurity toolkit” developed in partnership with a defense contractor owned by the Pentagon to “secure” democratic elections. The latter has raised eyebrows from privacy advocates who don’t believe the Pentagon has any business “protecting” the vote.

Even before specific information about whose accounts had been targeted emerged, Twitter’s blue-checks were already blaming President Donald Trump.

Trump's open invitation to foreign government intelligence services that they should interfere in our elections has been received loud and clear,” smirked one user. “Interference in our elections is OK only when President Trump personally invites it—at least that’s the message we’ll soon be hearing,” sneered another. 

The Democratic National Committee circulated an alert warning that Phosphorous may “create believable spear phishing emails and fake LinkedIn profiles as primary tactics” and warned officials to beef up their security.

The US has targeted Iran with cyberattacks of its own for nearly a decade, starting with the Stuxnet virus developed in conjunction with Israeli intelligence that was used to knock out Iranian nuclear centrifuges in 2010 and allegedly including attacks on rocket launch pads and other infrastructure. Iranian Foreign Minister Javad Zarif warned Washington last month that while the US may have started the cyber-war, “it won’t be able to finish” it.

If you like this story, share it with a friend!