close
close

Iran uses hacking, online disinformation to interfere in US election, Microsoft report says

Posted on by darion

Top line

Iranian government-linked groups are seeking to interfere in the U.S. presidential election through a large-scale online disinformation campaign and hacking attempts targeting high-ranking campaign officials, Microsoft researchers said in a report released Friday.

Key facts

According to the report, an Iranian group called Storm-2035 has launched several fake news websites that target both left-wing and right-wing voters and that have “polarized messaging on issues such as U.S. presidential candidates, LGBTQ rights, and the Israel-Hamas conflict.”

Examples of such sites highlighted in the report include a site called “Nio Thinker,” which targets liberals by attacking Trump, and another aimed at conservatives called “Savannah Time,” which addresses LGBTQ issues, “specifically gender reassignment.”

Microsoft researchers say they found evidence that these sites “are using AI-based services to plagiarize at least some of their content from U.S. publications” and other AI tools to increase their reach in search engines.

Another Iran-linked group called Sefid Flood “began” conducting election interference operations in March. It specializes in impersonating social and political activist groups to “sow doubts about the integrity of elections” and incite violence against political figures, among other things.

Get text alerts for breaking news from Forbes: We’re introducing SMS alerts so you’ll always know the biggest stories shaping the headlines of the day. Send SMS “Alerts” to (201) 335-0739 or register Here.

Peg’s News

In addition to online disinformation, the election interference campaign also included hacking operations by groups affiliated with the Islamic Revolutionary Guard Corps (IRGC). In June, the IRGC-backed hacking group Mint Sandstorm sent a spear-phishing email to a senior official of an anonymous presidential campaign using the hacked email ID of a former senior advisor. Spear-phishing is a targeted attack intended to steal confidential information by tricking the victim into opening a malicious link or file. In this case, the phishing email contained a fake hyperlink that directed the target to a domain controlled by the hacker and then sent them to the actual website listed in the link. Mint Sandstorm also unsuccessfully attempted to access an account belonging to an anonymous former presidential candidate.

Tangent

In May, another IRGC-linked hacking group, Peach Sandstorm, compromised a user account at a county government in a swing state. The report notes that the compromised account had only minimal access privileges, and researchers did not observe any escalation of privileges — which could apply to more sensitive accounts or data.

Further reading

Microsoft finds Russian operations to influence U.S. election begin (Reuters)