Microsoft: Iranian cyberattack targeted a US presidential campaign

Phosphorous also pursued officials, journalists and expatriates.

Sponsored Links

AP Photo/Kamran Jebreili
AP Photo/Kamran Jebreili

Iran has apparently been engaged in a large-scale cyberattack bent on compromising American politics. Microsoft reported that Phosphorous, a known group it believes is linked to the Iranian government, attacked 241 email accounts in a 30-day period between August and September, including those for a US presidential campaign as well as current and former US officials, journalists covering world politics as well as "prominent" expatriate Iranians. Four of these accounts were compromised, though this didn't include the presidential run or any officials.

The intruders "were not technically sophisticated," Microsoft said, but they were determined. They conducted extensive research of personal info to identify accounts and potentially fool account recovery systems, sometimes obtaining phone numbers used for two-factor authentication. There were over 2,700 attempts to identify accounts over the roughly month-long stretch. Phosphorous frequently used spear phishing in hopes it might trick users into providing login details through fake web forms.

Microsoft said it had notified Phosphorous' targets, and was helping compromised users secure their accounts. It also recommended that political figures use its AccountGuard program to get advanced monitoring and threat alerts.

Iran hasn't acknowledged its involvement in the attacks. However, they wouldn't be surprising in light of escalating tensions between the US and Iran that have included digital warfare. Iran has also been accused of conducting a Russia-like disinformation campaign meant to skew American politics ahead of the 2020 presidential election. If Iran is involved, this would mainly represent one of the most overt attacks to date.

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Popular on Engadget