Iranian hackers charged for ‘hack-and-leak’ plot to influence election
by Sergiu Gatlan · BleepingComputer
The U.S. Department of Justice unsealed an indictment charging three Iranian hackers with a "hack-and-leak" campaign that aimed to influence the 2024 U.S. presidential election.
Iranian nationals Masoud Jalili, Seyyed Ali Aghamiri, and Yaser Balaghi worked for Iran's Islamic Revolutionary Guard Corps (IRGC) to hack the accounts of current and former U.S. officials, individuals linked to multiple U.S. political campaigns, and media members.
According to the DOJ, their attacks were part of a broader Iranian effort attempting to steal sensitive information about American officials and influence U.S. elections.
In May 2024, after years of targeting former U.S. government officials, the trio shifted their focus to individuals connected to the Trump presidential campaign, the indictment alleges.
They successfully gained unauthorized access to campaign officials' personal accounts, stealing campaign documents and emails.
Around late June, the hackers began a "hack-and-leak" operation, attempting to leak stolen materials to U.S. media outlets and individuals associated with the Biden campaign, intending to damage Trump's 2024 presidential bid.
"Iranian malicious cyber actors in late June and early July sent unsolicited emails to individuals then associated with President Biden's campaign that contained an excerpt taken from stolen, non-public material from former Trump's campaign as text in the emails," according to a joint statement released on September 18 by CISA, the FBI, and the Office of the Director of National Intelligence.
"There is currently no information indicating those recipients replied. Furthermore, Iranian malicious cyber actors have continued their efforts since June to send stolen, non-public material associated with former President Trump's campaign to U.S. media organizations."
Their "hack-and-leak" operation started in January 2020 and involved spearphishing and social engineering tactics.
By 2022, they expanded their efforts and targeted a former U.S. government official to steal personal information that could help identify future victims.
The U.S. State Department also offers a $10 million reward for information on Jalili, Aghamiri, and Balaghi. At the same time, the Treasury Department's Office of Foreign Assets Control (OFAC) has designated Jalili for his involvement with the IRGC, imposing sanctions as part of ongoing efforts to curb foreign interference in U.S. elections.
"These hack-and-leak efforts by Iran are a direct assault on the integrity of our democratic processes," said Assistant Attorney General Matthew G. Olsen.
"This indictment alleges a serious and sustained effort by a state-sponsored terrorist organization to gather intelligence through hacking personal accounts so they can use the hacked materials to harm Americans and corruptly influence our election," U.S. Attorney Matthew Graves for the District of Columbia added today.