Microsoft: Iran-linked hacking group has targeted 2020 U.S. campaign

Software and technology giant Microsoft said Friday a threat assessment team has detected an Iran-based cybercrime faction it believes is attempting to interfere in the 2020 U.S. presidential election.

Iranian activists burn an American flag during a demonstration to commemorate the Islamic revolution and overthrow of the U.S.-backed shah in 1979. File Photo by Maryam Rahmanian

Microsoft said its Threat Intelligence Center observed a hacking group this summer called Phospherous make more than 2,700 attempts to identify certain email accounts — including some affiliated with at least one electoral campaign and former federal officials. The TIC said Phospherous attacked nearly 250 of those accounts.

“The targeted accounts are associated with a U.S. presidential campaign, current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran,” Microsoft wrote in a blog post titled, “Recent cyberattacks require us all to be vigilant.”

Microsoft said the Phospherous group originates in Iran and is linked to the Iranian government.

The company said the hack attempts were seen over a 30-day period in August and September, and that four accounts — which were not related to any 2020 campaign — were compromised.

“In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets,” the blog post states, noting the hack attempts were “not technically sophisticated.”

Microsoft did not specify which presidential campaign was targeted.

“Publishing this information should help others be more vigilant and take steps to protect themselves,” the Redmond, Wash.-based company said.

“This effort suggests Phosphorus is highly motivated and willing to invest significant time and resources engaging in research and other means of information gathering.”

ByNicholas Sakelaris