A hacking group that is connected to the Iranian government tried to penetrate President Trump's re-election campaign, Microsoft said on Friday afternoon. The hacking group called Phosphorus was discovered by the Microsoft Threat Intelligence Center (MSTIC) when it attempted repeated breaches in August and September.
"Microsoft has notified the customers related to these investigations and threats and has worked as requested with those whose accounts were compromised to secure them" per @TomBurt45— Jeff Seldin (@jseldin) October 4, 2019
More here: https://t.co/se9R6LlgRS
MSTIC said, "targeted accounts are associated with a U.S. presidential campaign, current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran."
According to Microsoft, at least four accounts that were "compromised" but none were associated with the U.S. presidential campaign or current and former U.S. government officials.
NEW: #Iran-based #cyber group "Phosphorus" targeted a US presidential campaign and current/former government officials & journalists, per @Microsoft's @TomBurt45— Jeff Seldin (@jseldin) October 4, 2019
4 accounts were breached but NOT any associated w/the presidential campaign or current/former US gvt officials
The attempted hack comes days after Iranian Foreign Minister Mohammad Javad Zarif said that his government wouldn't meddle with the U.S. 2020 presidential election. Reuters spoke with President Trump's campaign's Director of Communications Tim Murtaugh, who said, "We have no indication that any of our campaign infrastructures were targeted."
Cybersecurity and Instracture Security Agency (CISA) published a full statement on Friday afternoon, acknowledging that the agency is well "aware" of the "Iranian actors targeting U.S. accounts."
MSTIC called the attempted hack "not technically sophisticated," indicating that the cybercriminals spent a significant amount of time researching their targets.
Phosphorus hackers attempted to gain access to more than 241 accounts through password resets and or account recovery features.
In a July blog post, Microsoft said that nearly 10,000 of its customers have been targeted this year by nation-state hackers, with most of the attacks originating from Russia, Iran, and North Korea.