Google on Tuesday confirmed that hackers backed by Iran are targeting the campaigns of US presidential rivals Kamala Harris and Donald Trump.
A hacker group known as “APT42” linked to Iran’s Islamic Revolutionary Guard Corps went after high-profile individuals and organizations in Israel and the United States, including government officials and political campaigns, according to a threat report released by Google.
Democratic presidential candidate Kamala Harris’s campaign said Tuesday it had been targeted by foreign hackers, days after rival Donald Trump’s campaign suggested that it had been hacked by Iran.
“In July, the campaign legal and security teams were notified by the FBI that we were targeted by a foreign actor influence operation,” a Harris campaign official told AFP.
“We have robust cybersecurity measures in place and are not aware of any security breaches of our systems resulting from those efforts.”
Google’s threat analysis group continues to see unsuccessful attempts from APT42 to compromise personal accounts of individuals affiliated with President Joe Biden, Vice President Harris and Trump, the report said.
The hacking group works by gleaning information about targets and tailoring “phishing” efforts to dupe victims into revealing log-in information for accounts like Gmail.
Examples given in the report included posing as a think tank or other credible contact to lure victims to fake video meeting landing pages, where log-in credentials are needed to take part.
While technical tools abound in hacker arsenals, some opt for “social engineering” tactics that trick people into clicking on booby-trapped links or logging in to realistic replicas of legitimate web pages.
Google said it disrupted APT42 attempts to hack the campaigns of Biden and Trump in 2020.
In May and June of this year, the Iranian hacker group’s targets included personal email accounts of about a dozen people affiliated with Biden or Trump and Google blocked numerous attempts by APT42 to log in to their accounts, according to the report.
Google also reported that the group got into the personal Gmail account of an influencial political consultant.
“APT42 is a sophisticated, persistent threat actor and they show no signs of stopping their attempts to target users and deploy novel tactics,” Google said.
“This spring and summer, they have shown the ability to run numerous simultaneous phishing campaigns, particularly focused on Israel and the United States.”
Google urged high-risk individuals associated with the coming election to remain vigilant and to take advantage of ramped-up defenses offered by the internet firm.
The US State Department warned Iran on Monday of consequences over election interference following the Trump campaign’s announcement that it had been hacked.
The Trump campaign has suggested that Iran was behind the breach, which resulted in private documents being sent to reporters, including research the campaign used to vet running mate J.D. Vance.
It warned media outlets against reprinting the documents, saying that such action would be “doing the bidding of America’s enemies.”
The tone was different from 2016, when Trump said at a news conference that he hoped Russia would “find” Hillary Clinton’s emails, remarks widely viewed as encouraging further hacks of his election opponent.
US intelligence concluded that Russia intervened in the 2016 election to support Trump, who has rejected the findings.