Microsoft has revealed details of Iran’s big hacking operation targeted at the US presidential campaign between August and September.
Iran’s hackers have made more than 2,700 attempts to break into email accounts belonging to the US presidential campaign, current and former US government officials, as well as journalists and prominent Iranians living outside the country, according to Tom Burt, Microsoft’s corporate vice president for customer security and confidence, on Friday.
Microsoft refused to name which presidential campaign the hackers of Iran are targeting. Reuters confirmed on Friday that the hackers were targeting President Donald Trump’s campaign, adding that his campaign’s official website is the only candidate connected to Microsoft’s cloud email service.
The team that Microsoft called Phosphorous targeted 241 email accounts and successfully compromised four accounts in its project, the company said. U.S. government leaders and the presidential campaign have not been among the four compromised accounts.
Microsoft said it suspects the hackers are linked to the government of Iran. We were given access to four accounts by tricking the password reset apps, the company said.
“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks,” Burt said in the post.
Chris Krebs, Director of the US Cyber Security and Infrastructure Security Agency, said the Agency is aware of hacking attempts and is collaborating with Microsoft to investigate them.
“While much of this activity can likely be attributed to run-of-the-mill foreign intelligence service work, Microsoft’s claims that a presidential campaign was targeted is yet more evidence that our adversaries are looking to undermine our democratic institutions,” Krebs said in a statement.