Microsoft has revealed that hackers linked to the Iranian government have been trying to influence the US presidential election for months.
Researchers at the tech giant revealed Thursday that they found several Iranian groups spreading polarizing messages and incendiary posts on controversial and politically divisive topics.
According Microsoft’s latest threat intelligence reportCybercriminals have been using covert news sites that appeal to groups of voters from opposite ends of the political spectrum to further distance themselves from both sides.
One such site, created for Democratic Party supporters and called Nio Thinker, insults former President Donald Trump by calling him “an opioid pill-pumping elephant in the MAGA china shop” and a “delusional lunatic litigatorsaur.”
The website, which began publishing in late October 2023, also publishes numerous sarcastic and long-winded articles criticizing Trump.
A website created for Democratic Party supporters called Nio Thinker insults former President Donald Trump by calling him an “opioid pill-pushing elephant in the MAGA china shop” and a “delusional, insane litigioussaur.”
On the other hand, another website called Savannah Time claims to be a “trusted source of conservative news in the vibrant city of Savannah.”
This website tends to focus heavily on Republican politics and LGBTQ issues, particularly gender reassignment, a highly controversial topic on the right.
Evidence uncovered by the company suggests that these sites have been using AI-enabled services to plagiarize some of their content from US publications.
Microsoft did not name the posts in its report. Notably, the report did not suggest that any attacks had been carried out against Vice President Kamala Harris.
Apart from this, the report also noted that an Iranian group connected to the Islamic Revolutionary Guard Corps had previously attempted to break into the email accounts of campaign officials.
The website, which began publishing in late October 2023, also publishes numerous sarcastic and long-winded articles criticizing Trump.
Notably, the report did not suggest that any attacks had been made against Vice President Kamala Harris compared to her presidential rival Trump.
The attackers had sent a phishing email in June to a high-ranking official from the compromised email account of a former senior adviser.
This fraudulent email “contained a link that directed traffic through a domain controlled by the group before directing it to the website of the link provided.”
Days after attempting to monitor traffic and access sensitive information, the same group attempted to break into an account belonging to a former presidential candidate, but was unsuccessful.
The deeply detailed report also noted that an Iranian group had managed to break into the email account of a county-level government employee in a key state.
But while hackers managed to break into one of them, Microsoft Threat Intelligence later discovered that they were unable to gain additional access beyond the single account.
The detailed report also noted that an Iranian group had managed to break into the email account of a county-level government employee in a key state.
Iranian groups that have historically sought to undermine confidence in the electoral system had been preparing to launch influence operations since March 2024, the researchers said.
The findings are the latest evidence that foreign governments are carrying out clandestine operations ahead of the US election in November.
In 2020, two Iranian men posed as members of the right-wing group Proud Boys as part of a voter intimidation effort, according to FBIThey were later charged for their involvement.
In the same election year, Iranian hackers breached a website used by a US municipal government to publish election results.
The attackers were caught before carrying out any nefarious activity, US cybersecurity officials later clarified.
