Three Iranian nationals were charged with hacking former President Donald Trump’s campaign, stealing emails and documents and then sharing them with the news media, according to US officials and a federal indictment unsealed in Washington on Friday.
Three Iranians posing as members of Iran’s Islamic Revolutionary Guard Corps allegedly hired “malicious cyber actors” to hack and steal documents from an unidentified presidential candidate’s campaign in May.
US officials have said privately that Trump’s campaign was the victim of the attack.
The personal email accounts of Roger Stone, a former deputy director of the CIA, a former Defense Department official and a longtime Trump adviser, were also hacked, the indictment says.
“The results of the elections in our country are not decided by a foreign power, but by the American people,” said Attorney General Merrick Garland. “Not Iran and its malicious cyber activities, as disclosed in today’s indictment.”
Hackers created fake email accounts impersonating current and former US officials, as well as other publicly known organizations and individuals. They then launched spear phishing attacks that tricked individuals associated with the Trump campaign into opening emails containing malware.
In June, the hackers sent the stolen material via email Trump‘s campaign to people associated with then-presidential candidate Joe Biden’s campaign. The FBI and other US officials said there is “no information at this time” indicating that the recipients responded to the emails.
Three members of the Islamic Revolutionary Guard Corps oversaw the operation The indictment identified them as Masoud Jalili, Seyid Ali Agamiri and Yashar Balaghi. They were charged with terrorist financing, computer fraud, wire fraud and identity theft.
Iran has denied the accusations. The semi-official Fars News Agency reported earlier this month that its ambassador to the UN called them “completely baseless, devoid of any credibility or legitimacy” and “in no way acceptable”.
The hack against the Trump campaign is the latest example of Iran’s increasingly brazen approach, according to US officials and analysts. This includes alleged assassination plots against dissidents and refugees on American soil, and assassination threats against Trump.
Garland said that Russia and China are also trying to influence the US elections. Broadly speaking, Russia is trying to help Trump’s re-election efforts, Iran is trying to hurt Trump, and China is trying to influence state and local races in ways that benefit Beijing, US officials said.
Earlier this week, Matthew Olsen, the head of the department’s Homeland Security Division, told NBC News in an exclusive interview that the level of foreign interference in the current election is unprecedented. Olsen said that Iran, Russia and China are trying to influence the elections.
“Let me be as clear as I can be: This is not a hoax. This is actually happening,” Olsen said. “The Russians, Iranians, and Chinese are trying to interfere in our elections in a way that will undermine our democracy.”
Olsen said the three countries — all run by authoritarian leaders — are pursuing the same broad goals: to deepen divisions among Americans and undermine the confidence of US voters in election results and American democracy itself.
“Foreign governments are trying to undermine our country, undermine our democracy, undermine our national security,” Olsen said. “They are trying to promote their authoritarian goals by creating discord within our country and undermining our confidence in our elections.”
A senior US official told NBC News on Friday that there was no evidence that Iran, Russia and China were directly coordinating efforts to influence the election.
On a media call Friday, an FBI official declined to say definitively that the hackers had been completely purged from the Trump campaign or that they had not regained access. “When it comes to advanced persistent threat actors, you can never be absolutely certain that you’ve removed them from the environment,” the official said. “As such, we are in full contact with the victims in this case involving the presidential campaigns and individuals associated with those campaigns.”
First edition of documents
On Thursday, an American journalist who runs an independent newsletter published a document that appears to have been stolen from Trump’s presidential campaign. It was the first public release of a supposed file It is part of Iran’s efforts To manipulate US elections.
The PDF document is a 271-page opposition research file on Trump’s nominee, Sen. JD Vance, R-Ohio.
For more than two months, the hackers who stole the documents have been trying to convince representatives of the American media to write or publish about the files they stole. It didn’t make any selling points.
Thursday, then self-published reporter Ken Klippenstein at Substack Left The Intercept This year, one of the files was published.
“If the document had been hacked by some ‘anonymous’ hacker group, the news media would have known about it,” Klippenstein writes. “I just don’t believe in the news media as an arm of the government fighting foreign influence. And it should not be the gatekeeper of what the public needs to know.”
Reporters who received the documents describe the same pattern: An AOL account emailed them documents signed by someone using the name “Robert,” who declined to be identified or why he wanted the documents covered.
NBC News was not part of Robert Persona’s direct relationship, but he looked at correspondence with a reporter at another outlet.
One of Robert’s emails, previously viewed by NBC News, included three large PDF files, each of which corresponded to three of Trump’s announced finalists for the vice presidency. The Vance file appears to be the same file that Klippenstein hosts on his site.
John Hultquist, lead analyst at Google’s Threat Intelligence Group, said Iran’s Revolutionary Guard Corps “oversees many of the most daring cyber incidents we’ve seen in the Middle East, Europe and the United States, including many contractors operating under this and previous presidents.” election periods”.
“SEPAH actors regularly use destructive attacks and fake content. … They routinely pose as hacktivists or criminals and increasingly target random individuals via email and even text messages. … Most of this activity is designed to undermine confidence in security and is used to undermine confidence in elections in particular.”
Russia’s attempt to help Trump
Earlier this month, prosecutors of the Ministry of Justice accused Two RT employees, Konstantin Kalashnikov and Elena Afanasyeva, accused them of using the Tennessee-based company as part of “covert projects” to influence American politics by posting videos on TikTok, Instagram, X and YouTube.
RT employees funneled millions of dollars to prominent right-wing commentators through a media company that appears to fit the description of Tenet Media, a leading platform for pro-Trump voices, according to an NBC News review of indictment documents, business records and social media. media profiles.
According to the indictment, Tenet has posted nearly 2,000 videos on YouTube since November 2023 that have garnered more than 16 million views.
This is not clearthough how foreign influence operations affect the American electorate. In an oversaturated online space and after years of consuming hyperpolarized content online, Tenet was competing for attention among voters who tend to seek out and serve information that reinforces pre-existing beliefs.
Justice Department officials say the threat of foreign interference remains serious and will continue to investigate foreign government actions related to the 2024 election. Olsen urged Americans to be skeptical of unverified information.
“The right to vote in our free and fair elections — the decisions we make in the upcoming elections — are choices we make as Americans, and we make them alone,” he said. “And we must be extremely vigilant to protect that right.”