Iranian Hackers Target US Election Campaigns Again

Recent reports have highlighted a surge in cyberattacks linked to Iranian state hackers, particularly targeting political figures and organizations in the United States and abroad. Notably, internal documents from Donald Trump's presidential campaign were stolen, while Kamala Harris faced hacking attempts. Additionally, phishing emails have been sent to senior Israeli officials and members of the Iranian diaspora, as well as researchers and journalists in the US and UK. Google's cybersecurity division released a report on August 14 detailing the activities of a hacker group known as "APT42," also referred to as "Mint Sandstorm" or "Charming Kitten." APT42 has been active since at least 2015 and employs sophisticated email traps that mimic legitimate documents to deceive targets. This group's operations have intensified in recent months, although similar tactics have been observed in the past. Microsoft previously reported in 2020 that Iranian hackers linked to the Revolutionary Guards had targeted a US presidential campaign, although the specific campaign was not disclosed. The stealthy methods used by APT42 complicate detection and mitigation efforts, as noted by cybersecurity experts. The nature of these cyber operations extends beyond mere hacking; they often involve disinformation campaigns and the strategic leaking of documents for political gain. The FBI and cybersecurity firms attribute many of these activities to a specialized group called "Emennet Pasargad," which is believed to operate as a subcontractor for the Revolutionary Guards. This group was implicated in the January 2023 hacking of the Charlie Hebdo subscriber database, with several members already facing US sanctions for their involvement in disinformation efforts during the 2020 election.