- Home
- China
- World
- Europe
- Politics
- Business
- Opinions
- Tech & Sci
- Culture
- Sports
- Travel
- Nature
- Picture
- Video
- Live
- TV
- Specials
Share
Copied
Microsoft said Friday that hackers linked to the Iranian government targeted a U.S. presidential campaign, as well as government officials, media targets and prominent expatriate Iranians.
Overall, the hackers attempted to penetrate 241 accounts — four successfully — though none of those penetrated was associated with presidential campaigns or current or past U.S. officials, Microsoft said. A company spokeswoman declined to identify those targeted, citing customer privacy.
Trump's official campaign website is the only one of the remaining major contenders' sites that is linked to Microsoft's cloud email service, according to an inspection of publicly available mail exchanger records, Reuters reported.
VCG Photo
The U.S. Department of Homeland Security said it was working with Microsoft to "assess and mitigate impacts." Chris Krebs, director of the department's Cybersecurity and Infrastructure Security Agency, said much of the activity is likely "run-of-the-mill" foreign intelligence service work.
In a blog post released Friday, Microsoft's Tom Burt, corporate vice president for customer security and trust, said that owners of four accounts that were compromised by the hackers have been notified. The company would not identify those accounts.
The attacks by a group Microsoft calls Phosphorous occurred during a 30-day period between August and September.
Burt said the Iranian hackers used password reset and account recovery features to try to take over accounts. For example, they gathered phone numbers belonging to targets to help with a password reset. In other cases, they tried to get into secondary email accounts that might be linked to the Microsoft account to gain access via a verification email.
The hackers researched their targets, making more than 2,700 attempts to identify emails belonging to a specific Microsoft customer. A spokeswoman declined to provide more details.
Department of Homeland Security workers listen to the talk at the National Cybersecurity and Communications Integration Center. /VCG Photo
The company has previously taken legal steps to combat Iran-linked hackers, suing them in federal court in Washington, D.C., so Microsoft could take control of websites Phosphorous used to conduct hacking operations and to stop attacks.
In July, Microsoft announced that it had detected more than 740 infiltration attempts by nation-state actors in the past year targeting U.S.-based political parties, campaigns and other democracy-focused organizations including think tanks and other nonprofits.
The company declined to name or further characterize the targets or the actors. It said at the time that such targeting had similarly occurred in the early stages of the 2016 and 2018 elections.
(With input from AP)