Trump Campaign Hacked, Microsoft Says Iran-Backed Group “Mint Sandstorm” Responsible

An Iranian group called Mint Sandstorm that is connected to the Islamic Revolutionary Guard Corps sent a spear phishing email to start the Hack

By Tom Ozimek | The Epoch Times

Microsoft’s cyber threat assessment unit said on Aug. 9 that a high-ranking official on a U.S. presidential campaign had been hacked by an Iran-backed group, with the Trump campaign later revealing that it had been the target of a cyber attack and linked the breach to “foreign sources hostile to the United States.”

The report from the Microsoft Threat Analysis Center (MTAC) indicates that an Iranian group called Mint Sandstorm that is connected to the Islamic Revolutionary Guard Corps sent a spear phishing email in June to a high-ranking official on a presidential campaign from the compromised email account belonging to a former senior campaign adviser.

“Mint Sandstorm similarly targeted a presidential campaign in May and June 2020 five to six months ahead of the last U.S. presidential election,” MTAC said, adding that the same group also tried but failed to breach an account belonging to a former presidential candidate.

No details were released on the official’s identity, but Microsoft’s threat assessment team said that the Iranian-linked breaches related to increasing attempts to influence the U.S. presidential election in November.

“This recent cyber-enabled influence activity arises from a combination of actors which are conducting initial cyber reconnaissance and seeding online personas and websites into the information space,” according to the report.

Following the release of the report, the Trump 2024 presidential campaign confirmed that it had been the target of a cyberattack in which campaign documents were stolen.

The breach, which Trump campaign spokesperson Steven Cheung told Politico on Aug. 10 has been attributed to “foreign sources hostile to the United States,” marks a significant development in the area of foreign interference in U.S. elections as the race for the White House heats up.

Politico reported that, on July 22, it began receiving emails from an anonymous source using the alias “Robert.” The emails reportedly contained internal documents from the Trump campaign, including a 271-page research dossier on Sen. JD Vance (R-Ohio), who was vetted as a potential vice presidential nominee and later chosen as former President Donald Trump’s running mate.

Cheung pointed to the Microsoft report and its finding that Iranian hackers had broken into the account of a high-ranking official on the U.S. presidential campaign as evidence of involvement of a foreign hostile power in the Trump campaign breach.

“These documents were obtained illegally from foreign sources hostile to the United States, intended to interfere with the 2024 election and sow chaos throughout our democratic process,” Cheung told the outlet.

He also linked the timing of the breach to reports of Iranian plots against Trump, who remains a target of Iranian hostility after ordering the 2020 assassination of Iranian General Qassem Soleimani.

Cheung, who did not immediately respond to a request from The Epoch Times for more details of the development, declined to tell Politico whether the Trump campaign had contacted law enforcement in regards to the breach.

U.S. intelligence officials recently stated that Iran had been hard at work sowing political discord in the United States via the use of clandestine or ghost social media accounts. Iran has denied that such practices are taking place and said that any actions against the United States are purely defensive and do not involve cyber attacks.

The Office of the Director of National Intelligence (ODNI) released a statement in July confirming that Iranian groups had targeted the U.S. political campaign, specifically that of Trump, to influence the upcoming election.

The U.S. intelligence community “has observed Tehran working to influence the presidential election, probably because Iranian leaders want to avoid an outcome they perceive would increase tensions with the United States,” the statement reads.

Microsoft’s report said that the hackers’ activity also covered a wider scope, including gaining intelligence on U.S. political campaigns, which allowed Iranian groups to target political swing states in the United States.

The report also stated that the previous breach involving the county official, which took place in May, was part of a wider “password spray operation.” This type of operation involves the use of common or leaked passwords, which hackers use on multiple accounts until they find a match and break into one.

The report confirmed that no other accounts were compromised through the breach and that all other targeted officials were notified of the cyber attack.

*********

(TLB) published this article by Tom Ozimek as posted at The Epoch Times

Header featured image (edited) credit: Trump/org.ET post article teaser

Emphasis added by (TLB)

••••

••••

Stay tuned tuned…

••••

The Liberty Beacon Project is now expanding at a near exponential rate, and for this we are grateful and excited! But we must also be practical. For 7 years we have not asked for any donations, and have built this project with our own funds as we grew. We are now experiencing ever increasing growing pains due to the large number of websites and projects we represent. So we have just installed donation buttons on our websites and ask that you consider this when you visit them. Nothing is too small. We thank you for all your support and your considerations … (TLB)

••••

Comment Policy: As a privately owned web site, we reserve the right to remove comments that contain spam, advertising, vulgarity, threats of violence, racism, or personal/abusive attacks on other users. This also applies to trolling, the use of more than one alias, or just intentional mischief. Enforcement of this policy is at the discretion of this websites administrators. Repeat offenders may be blocked or permanently banned without prior warning.

••••

Disclaimer: TLB websites contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to our readers under the provisions of “fair use” in an effort to advance a better understanding of political, health, economic and social issues. The material on this site is distributed without profit to those who have expressed a prior interest in receiving it for research and educational purposes. If you wish to use copyrighted material for purposes other than “fair use” you must request permission from the copyright owner.

••••

Disclaimer: The information and opinions shared are for informational purposes only including, but not limited to, text, graphics, images and other material are not intended as medical advice or instruction. Nothing mentioned is intended to be a substitute for professional medical advice, diagnosis or treatment.