 "Hackers with links to Iran targeted a US presidential campaign: Microsoft")
A hacking group that appears to be linked to the Iranian government has carried out a campaign against a US presidential campaign, Microsoft Corp said on Friday.
Microsoft saw "significant" cyber activity by the group that also targeted current and former US government officials, journalists covering global politics and prominent Iranians living outside Iran, the company said in a blog post.
In a 30-day period between August and September, the group, called "Phosphorous" by the company, made more than 2,700 attempts to identify consumer email accounts belonging to specific customers and then attacked 241 of those accounts.
Hacking to interfere in elections has become a concern for governments especially since United States intelligence agencies concluded that Russia ran a hacking and propaganda operation to disrupt the American democratic process in 2016 to help then-Republican candidate Donald Trump become president. Moscow has denied any interference.
In addition, tensions between the United States and Iran have risen since May 2018 when Trump withdrew from a 2015 international nuclear accord with Tehran that put limits on its nuclear program in exchange for easing of sanctions. Trump has since re-instated US sanctions, putting increased pressure on the Iranian economy, including its oil trade.
The Iranian government did not issue any immediate comment through state-run media on Microsoft's statement of any link to Phosphorous.
Microsoft said Phosphorous used information gathered from researching their targets or other means to game password reset or account recovery features and attempt to take over some targeted accounts.
The attacks disclosed by the company on Friday were not technically sophisticated, the blog said. Hackers tried to use a significant amount of personal information to attack targets, it said.
"This effort suggests Phosphorous is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering," the software company said in a blog post.
Microsoft has been tracking Phosphorus since 2013 and said in March that it had received a court order to take control of 99 websites the group used to execute attacks.
The company said it had notified the customers related to the investigations and threats and has worked with those whose accounts were compromised to secure them.
Phosphorus is also known as APT 35, Charming Kitten, and Ajax Security Team, according to Microsoft.
One subscription. Two world-class reads.
Already subscribed? Log in
Subscribe to read the full story →*Subscribe to Business Standard digital and get complimentary access to The New York Times
Smart Quarterly
₹900
3 Months
₹300/Month
SAVE 25%
Smart Essential
₹2,700
1 Year
₹225/Month
SAVE 46%
*Complimentary New York Times access for the 2nd year will be given after 12 months
Super Saver
₹3,900
2 Years
₹162/Month
Subscribe
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app
SAVE 25%