Advertisement

Microsoft Claims Iranian Hackers 'Targeted U.S Election'

Hackers linked to the Iranian government targeted a US presidential campaign along with government officials, media targets and others, Microsoft says.

Microsoft says hackers linked to the Iranian government have targeted a U.S.presidential campaign, as well as government officials, media targets and prominent expatriate Iranians.

Image: Raymond Boyd/Getty Images

Overall, the hackers attempted to access 241 accounts - four successfully - though none of those penetrated was associated with presidential campaigns or current or past U.S. officials, Microsoft said.

Sources familiar with the operation said the hackers tried to break into U.S. President Donald Trump's re-election campaign, but did not succeed Foreign hackers have long targeted U.S. government and politicians, generally with little notice.

Iran in particular could have a stake in the outcome of the U.S. election after Trump withdrew the United States from a nuclear agreement and stepped up sanctions against the country.

Photo: Reuters.

The U.S. Department of Homeland Security said it was working with Microsoft to "assess and mitigate impacts". Director of the department's Cybersecurity and Infrastructure Security Agency Chris Krebs said much of the activity is likely "run-of-the-mill" foreign intelligence service work.

But, "Microsoft's claims that a presidential campaign was targeted is yet more evidence that our adversaries are looking to undermine our democratic institutions", Krebs said.

READ MORE: Warning Issued Over Phone Hacking Equipment Selling For Just $50

 

READ MORE: 12 Russians Charged With Hacking Democrats During 2016 US Election

In a blog post released on Friday, Microsoft corporate vice president for customer security and trust Tom Burt said owners of four accounts compromised by the hackers have been notified.The attacks by a group Microsoft calls Phosphorous occurred during a 30-day period between August and September.

Burt said the Iranian hackers used password reset and account recovery features to try to take over accounts. For example, they gathered phone numbers belonging to targets to help with a password reset.

In other cases, they tried to get into secondary email accounts that might be linked to the Microsoft account to gain access via a verification email. The hackers researched their targets, making more than 2700 attempts to identify emails belonging to a specific Microsoft customer.

7:23 AM