ARTICLE AD
The U.S. Department of Justice announced criminal charges against three hackers working for Iran’s Islamic Revolutionary Guard Corps (IRGC), accusing the trio of a four-year-long hacking campaign that included this year’s hack of Donald Trump’s presidential campaign.
On Friday, U.S. prosecutors published an indictment accusing Masoud Jalili, Seyyed Ali Aghamiri, and Yasar (Yaser) Balaghi of targeting the Trump campaign, former White House and senior government officials, and members of Congress, as part of a hack-and-leak operation.
According to the indictment, the operation was launched in part in retaliation for the killing of Iranian general Qasem Soleimani by the Trump administration in 2020, for which the Iranian government vowed revenge. U.S. officials have since charged at least one individual with the attempted assassination of John Bolton, a former National Security Advisor, as part of the wider Iranian effort to target former members of the Trump administration.
U.S. Attorney General Merrick Garland said at a press conference Friday that the Iranian hacking campaign was in part aimed at influencing the upcoming 2024 presidential election.
“The defendant’s own words make clear that they were attempting to undermine former President Trump’s campaign in advance of the 2024 U.S. presidential election,” said Garland. “We know that Iran is continuing its brazen efforts to stoke discord, erode confidence in the U.S. electoral process and advance its malign activities to the IRGC, a designated foreign terrorist organization.”
“These authoritarian regimes which violate the human rights of their own citizens do not get a say in our country’s democratic process,” said Garland. “The American people and the American people alone will decide the outcome of our country’s elections.”
Masoud Jalili, Seyyed Ali Aghamiri, and Yasar (Yaser) Balaghi, the three Iranian hackers indicted for a hacking campaign that included the intrusion against the Donald Trump presidential campaign. (Image: U.S. Department of Justice).The indictment said the Iranian operation was designed to “stoke discord and erode confidence in the U.S. electoral process,” by targeting former senior government officials with phishing lures that were used to compromise their online accounts and steal campaign material with the goal of leaking the files to the media.
In August, Politico, The New York Times, The Washington Post and others received documents allegedly stolen from the Donald Trump campaign. Politico reported that an individual going by the name “Robert” had reached out and shared documents that appeared to have been stolen from the Republican candidate’s camp.
Since the beginning, the story had the hallmarks of a hack-and-leak operation, akin to what the Russian government orchestrated in 2016, after hacking the Democratic National Committee and people connected to the Hillary Clinton campaign. Unlike 2016, however, the news organizations decided to not report on the content of the documents, let alone release them. Instead, the reporters focused on the fact that the files had been stolen and leaked.
Kevin Collier, a journalist at NBC News, who said he has seen some of the documents, said the files did not contain much worth writing about.
“At least half a dozen outlets and independent reporters have received hacked Trump files from ‘Robert,’ a front for Iranian intelligence. To date, no reporter who’s seen them has found news in them,” Collier wrote on X on Thursday.
Ten days after Politico’s report, the FBI, the Office of the Director of National Intelligence and U.S. cybersecurity agency CISA released a joint statement accusing the government of Iran of being behind the hack-and-leak operation.
“The [Intelligence Community] is confident that the Iranians have through social engineering and other efforts sought access to individuals with direct access to the presidential campaigns of both political parties. Such activity, including thefts and disclosures, are intended to influence the U.S. election process,” read the statement. “It is important to note that this approach is not new. Iran and Russia have employed these tactics not only in the United States during this and prior federal election cycles but also in other countries around the world.”
Microsoft and Google also accused Iranian government-backed hackers of being behind the targeting of people affiliated with both the Trump and the Biden campaign.
On Thursday, more than a month after the first report saying journalists had the documents, independent journalist Ken Klippenstein published a 271-page dossier on Republican vice presidential nominee J.D. Vance. Klippenstein wrote that since June, “the news media has been sitting on it (and other documents), declining to publish in fear of finding itself at odds with the government’s campaign against ‘foreign malign influence.’”
“I disagree. The dossier has been offered to me and I’ve decided to publish it because it’s of keen public interest in an election season,” wrote Klippenstein.