The three hackers, all tied to Iran’s Islamic Revolutionary Guard Corps, allegedly gained access to campaign officials’ accounts using social engineering and spear phishing, a tactic that attempts to trick victims into revealing sensitive information. They then used the hijacked accounts to steal non-public campaign documents and emails and share them with the media.
As described in the indictment, the U.S. linked the hackers to an Iranian Internet service provider, Respina Networks, which it said allowed them “unrestricted” access to the Internet outside Iran. It also describes how they used commercial virtual private networks (VPNs) to create a number of fake domain names, such as “tinyurl.ink” and “mailer-daemon.online,” which they ultimately used to mislead their victims.
The United States has charged three hackers with wire fraud, providing material support to terrorist groups and conspiring to obtain information from protected computers. “These hacking breaches by Iran are a direct attack on the integrity of our democratic process,” Assistant Attorney General Matthew G. Olson of the Justice Department’s National Security Division said in a press release. “Iranian government actors have long sought to use cyber means to harm U.S. interests.”
