Hackers Backed By Iran Targeted Presidential Campaign, Microsoft Says
WASHINGTON – Hackers backed by the Iranian government have been targeting the email accounts of at least one presidential campaign, current and former federal government officials and journalists covering political campaigns, Microsoft revealed Friday.
In a blog post on its website, the tech giant says that over a 30-day period between August and September, the Microsoft Threat Intelligence Center observed a group it has dubbed “Phosphorus” making more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers and then attack 241 of those accounts.
“While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks,” Tom Burt, corporate vice president of Customer Security and Trust at Microsoft, wrote in the post.
“This effort suggests Phosphorous is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering,” he said.
Microsoft has not revealed the name of the presidential campaign, but its disclosure is just more evidence that U.S. adversaries are now picking up where Russia’s interference in the 2016 United States presidential election left off.
Burt said that Phosphorus used information gathered from researching their targets or other means to game password reset or account recovery features and attempt to take over some targeted accounts.
For example, they would seek access to a secondary email account linked to a user’s Microsoft account, then attempt to gain access to a user’s Microsoft account through verification sent to the secondary account.
In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets.
The company says four accounts were compromised as a result of these attempts. The four accounts were not associated with the U.S. presidential campaign or current and former U.S. government officials.
In addition to helping to secure those accounts, Microsoft’s Digital Crimes Unit has also taken legal and technical steps to combat Phosphorus attacks.
“We continue to take these types of actions,” Burt wrote.
Microsoft also reminded its customers that there are steps they can take to help secure their accounts. It is encouraging all customers to enable two-step verification on their accounts which can be done in Account Security settings.
In The News
WASHINGTON - Accustomed as they are to believing government can do a great deal of good for a great many, serious Democrats have grown increasingly concerned over the potential long-term ramifications of Medicare for all proposals. While it's easy -- and perhaps hopeful -- to view... Read More
SACRAMENTO, Calif. — California voters who are unaffiliated with a political party will be able to participate in the Democratic presidential primary next year, but they will be prohibited from casting ballots for President Donald Trump or any possible Republican challenger, according to information released Monday... Read More
MINNEAPOLIS — President Donald Trump trails several leading Democratic candidates, as well as U.S. Sen. Amy Klobuchar, at this point in the presidential campaign in Minnesota, according to a new Star Tribune Minnesota Poll. The two current front-runners for the Democratic nomination, former Vice President Joe... Read More
NEW YORK — Facebook Inc. discovered four separate misinformation networks — three tied to Iran and one to Russia — that the social network said it shut down as part of an ongoing effort to counter “foreign influence campaigns.” Facebook said that the “coordinated inauthentic behavior”... Read More
WASHINGTON — Democratic lawmakers are increasingly demanding that U.S. authorities investigate allegations raised in a recent magazine article that traders might be using nonpublic government information to reap huge illegal profits, even as the exchange where the transactions purportedly took place called the story “patently false.”... Read More
WASHINGTON - A circuit court judge in South Carolina heard more than two hours of oral arguments Friday in a lawsuit challenging the state GOP executive committee's vote last month to forgo a 2020 Republican presidential primary. In the end, Circuit Judge Jocelyn Newman indicated her... Read More