DOJ indicts Iranians for alleged Trump campaign ‘hack-and-leak’ scheme
The US Department of Justice has charged three Iranian nationals linked with a cyberattack against Donald Trump’s presidential campaign, according to an indictment on Friday.
The three hackers, all of whom have ties to Iran’s Islamic Revolutionary Guard Corps, allegedly gained access to the accounts of campaign officials using social engineering and spearphishing, a tactic that attempts to trick victims into disclosing sensitive information. They then used the hijacked accounts to steal non-public campaign documents and emails, which they shared with the press.
As outlined in the indictment, the US linked the hackers to an Iranian internet service provider, Respina Networks, which allegedly allowed them “unrestricted” internet access outside Iran. It also goes over how they used a commercial virtual private network (VPN) to create numerous phony domains like “tinyurl.ink” and “mailer-daemon.online” which they eventually used to mislead their victims.
You can read the full details in the indictment below.
While the indictment doesn’t mention which presidential candidate was the target of these cyberattacks, the Trump campaign confirmed last month that it had been hacked. The news outlets that received the stolen documents didn’t report on them, but this week, independent journalist Ken Klippenstein published a dossier on Vice Presidential candidate JD Vance allegedly sent by the hackers. He was later suspended from X.
The US is charging the three hackers with wire fraud, material support to a terrorist organization, and conspiracy to obtain information from protected computers. “These hack-and-leak efforts by Iran are a direct assault on the integrity of our democratic processes,” Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division said in the press release. “Iranian government actors have long sought to use cyber-enabled means to harm U.S. interests.”
The US Treasury Department is offering a reward of up to $10 million for information on the three hacking suspects.