Hackers Backed By Iran Targeted Presidential Campaign, Microsoft Says
WASHINGTON – Hackers backed by the Iranian government have been targeting the email accounts of at least one presidential campaign, current and former federal government officials and journalists covering political campaigns, Microsoft revealed Friday.
In a blog post on its website, the tech giant says that over a 30-day period between August and September, the Microsoft Threat Intelligence Center observed a group it has dubbed “Phosphorus” making more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers and then attack 241 of those accounts.
“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks,” Tom Burt, corporate vice president of Customer Security and Trust at Microsoft, wrote in the post.
“This effort suggests Phosphorous is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering,” he said.
Microsoft has not revealed the name of the presidential campaign, but its disclosure is just more evidence that U.S. adversaries are now picking up where Russia’s interference in the 2016 United States presidential election left off.
Burt said that Phosphorus used information gathered from researching their targets or other means to game password reset or account recovery features and attempt to take over some targeted accounts.
For example, they would seek access to a secondary email account linked to a user’s Microsoft account, then attempt to gain access to a user’s Microsoft account through verification sent to the secondary account.
In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets.
The company says four accounts were compromised as a result of these attempts. The four accounts were not associated with the U.S. presidential campaign or current and former U.S. government officials.
In addition to helping to secure those accounts, Microsoft’s Digital Crimes Unit has also taken legal and technical steps to combat Phosphorus attacks.
“We continue to take these types of actions,” Burt wrote.
Microsoft also reminded its customers that there are steps they can take to help secure their accounts. It is encouraging all customers to enable two-step verification on their accounts which can be done in Account Security settings.
In The News
WASHINGTON -- A powerful congressional committee is beginning an investigation into reports the Justice Department secretly subpoenaed information about members of Congress and journalists during the Trump administration. The committee’s chairman said he was concerned the Justice Department “used criminal investigations as a pretext to spy... Read More
ATLANTA (AP) — Amber McReynolds, CEO of The National Vote at Home Institute, helped state and local election officials prepare for the record number of mailed ballots cast during last year's presidential election. She also was recently confirmed by the Senate to serve on the Board... Read More
ELM GROVE, Wis. (AP) — Standing on the sidelines of her son's soccer practice in this upscale suburb, Laura Hahn looked skyward for answers when asked how she would rate President Joe Biden's first 100 days in office. Overall, Biden is doing well, she said after... Read More
Democrat Rita Hart threw in the towel Wednesday afternoon, giving up her bid to represent Iowa’s 2nd Congressional District, and effectively ending the 2020 election cycle. Hart, who had been challenging the outcome of the race before the Committee on House Administration, said in a brief... Read More
Dominion Voting Systems on Friday filed a $1.6 billion defamation lawsuit against Fox News, arguing the cable news company sought to boost faltering ratings by falsely claiming the voting machine company had rigged the 2020 election. The company, which is headquartered in Toronto, Canada and Denver,... Read More
MONTGOMERY, Ala. - Election systems in the Deep South in 2020 suffered from numerous shortcomings, making it harder for many voters -- particularly those from communities of color -- to safely cast their ballots, states a new analysis by the Southern Poverty Law Center. The report... Read More