Microsoft says Iranian hackers targeted U.S. presidential campaigns and spread AI content insulting Donald Trump

Attackers connected to the Islamic Revolutionary Guard Corps used a compromised email address from a former political adviser to try phishing another high-ranking campaign official, according to Microsoft’s Threat Analysis Center.

A hacking group linked to the Iranian government tried to breach the email accounts of presidential campaign staffers as part of a wider effort to gather intelligence ahead of the US election, Microsoft Corp. said Friday.

Attackers connected to the Islamic Revolutionary Guard Corps in June used a compromised email address from a former political adviser to try phishing another high-ranking presidential campaign official, according to findings from Microsoft’s Threat Analysis Center. That group, which Microsoft calls Mint Sandstorm, also unsuccessfully attempted to log in to the account of a former presidential candidate. The report didn’t identify the individual targets by name.

Other Iranian groups are using artificial intelligence technology to publish content online insulting former president Donald Trump and create inflammatory posts about controversial issues such as gender reassignment surgery, according to the report.

Microsoft researchers also said that Iranian groups that have historically tried to undermine trust in the electoral system have since March been preparing to launch influence operations. Using websites with fabricated and plagiarized content, supposed media operations launched by Iranian groups also have sought to amplify polarizing political messaging about topics such as presidential candidates and Israel’s war against Hamas, researchers found.

The findings are the latest evidence that foreign governments are conducting clandestine operations ahead of US elections in November. American intelligence officials in July warned that Russia, China and Iran were recruiting people in the US to spread propaganda. A representative from the Iranian government denied that allegation.

Iranian operatives in 2020 impersonated members of the right-wing Proud Boys group as part of a voter intimidation effort, according to the FBI, resulting in charges against two men. That same year, Iranian hackers breached a website that a municipal government in the US used to publish election results, though the attackers were caught before carrying out any nefarious activity, US cybersecurity officials said.

Nation-state hackers have long used email attacks to try infiltrating American political campaigns, such as the Russian hack in 2016 in which a state-sponsored group ultimately published internal emails from Hillary Clinton’s staffers.

The US State Department on Wednesday identified six alleged Iranian hackers accused of compromising industrial control systems used by American public utilities.

The Iranian government didn’t immediately respond to a request for comment.

Recommended Newsletter: CEO Daily provides key context for the news leaders need to know from across the world of business. Every weekday morning, more than 125,000 readers trust CEO Daily for insights about–and from inside–the C-suite. Subscribe Now.