Iranian Hackers Reportedly Targeting US Officials and Distributing Fake News Before Election

• Hackers tied to the Iranian government tried to break into the account of a high-value target connected to the U.S. elections.
• The breaches were part of an Iranian campaign to influence the fall presidential election.
• Efforts coming from Iran are reportedly intensifying in relation to the 2024 U.S. presidential elections.

Iranian government-backed hackers tried infiltrating the account of an important U.S. presidential campaign official in June via spear-phishing, according to a recent Microsoft report. A few weeks before, they breached the account of a county-level U.S. official who had minimal access permissions.

The report also mentions the intelligence unit of the Iran-based Islamic Revolutionary Guard Corps (IRGC) sending a spear-phishing email to the first official and another group believed to be connected with IRGC compromised the latter official’s user account in May as part of a massive password spray operation.

Iranian groups are allegedly targeting U.S. swing states, trying to gain intelligence on U.S. political campaigns and influence the November presidential election. The report added that no other accounts were affected by that breach, and the targets were notified.

"The U.S. presidential election is an internal matter in which Iran does not interfere," Iran's mission to the United Nations in New York told Reuters in response to the Microsoft report allegations, adding it had no plans to launch cyber attacks.

Apparently, another Iranian group had been launching various domains with fake news sites targeting liberal and conservative voters, trying to derail one of the presidential campaigns. 

Two websites, left-leaning Nio Thinker and conservative Savannah Time, used artificial intelligence to scrape content from legitimate news sites, targeting voters on opposite political sides.

Senior U.S. Intelligence officials recently stated they observed the increased use of Iranian covert social media accounts trying to ruffle up and divide public opinion on American political matters.

Iranian state actors use increasingly sophisticated tools, including cloud environments and custom implants, and quickly exploit new vulnerabilities. 

Meanwhile, Tehran deploys cyber operations to influence European NATO member states, scare Israeli citizens, foment Shi’ite unrest in the Gulf, and suppress perceived opponents of the regime, the report says.

The U.S. State Department recently identified six Iranian security officials linked to the IRGC responsible for the cyberattacks on U.S. water utilities in 2023 and is offering a $10 million reward via the Rewards for Justice program for information leading to the identification or location of these individuals.