Microsoft security researchers say Iranian hackers attempted to hack into a US presidential candidate. The hackers also allegedly attempted to break into the accounts of journalists and high-ranking American officials.
Microsoft does not say in the investigation which presidential candidate it is. The attack would not have been successful, the researchers say. The attackers would come from a hacker group that Microsoft calls Phosphorous. The group is said to have made more than 2,700 attempts to discover the personal email accounts of Microsoft users. These included accounts the company said were part of a presidential campaign, government officials, journalists and prominent Iranians.
According to Microsoft, the attacks were barely successful. A total of 241 Microsoft accounts were attacked. Four accounts were eventually compromised, but they were not part of the presidential campaign. The attackers allegedly collected information about the targets and then used it to perform account resets. They also tried to collect phone numbers or other e-mail accounts to request password resets. Microsoft says the attacks are technically unintelligent, but that a lot of personal information was used to carry them out. ‘This indicates that Phosphorous is highly motivated and willing to invest a lot of money and resources into this information collection.’
The attack took place over a 30-day period in August and September. The research was conducted by Microsoft’s Threat Intelligence Center. “By sharing this we want to show that together with governments and the business community we are becoming more transparent about attacks by countries that disrupt the democratic process,” the company wrote. ‘We also want to protect others from attacks and encourage them to take steps to protect themselves.’