Three Iranian hackers linked to the IRGC indicted for a "hack-and-leak" campaign targeting the 2024 U.S. election to manipulate political outcomes

Continue reading
In a landmark cybercrime case, the U.S. Department of Justice (DOJ) has unsealed an indictment accusing three Iranian hackers of orchestrating a _"hack-and-leak"_ campaign.
This cyberattack was strategically aimed at manipulating the outcome of the 2024 U.S. presidential election.
Iranian nationals Masoud Jalili, Seyyed Ali Aghamiri, and Yaser Balaghi—affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC)—are accused of hacking into the accounts of U.S. government officials, individuals tied to several U.S. political campaigns, and members of the media.
As per the DoJ, these cyberattacks were part of a larger Iranian effort to steal classified information about U.S. officials and manipulate the outcome of American elections.
In May 2024, after years of targeting former U.S. government officials, the hackers allegedly shifted their focus toward individuals associated with the Trump 2024 presidential campaign, as outlined in the indictment.

*WANTED POSTER*
The hackers successfully infiltrated the personal accounts of campaign officials, illicitly obtaining confidential campaign documents and sensitive emails.
By late June, the hackers initiated a _"hack-and-leak"_ operation, attempting to disseminate stolen materials to U.S. media outlets and individuals tied to the Biden campaign, with the intention of undermining Trump's 2024 presidential bid.
Between late June and early July, Iranian cyber actors sent unsolicited emails to individuals associated with President Biden's campaign.
These emails contained excerpts from stolen, non-public materials tied to Trump’s former campaign, according to a joint statement released by CISA, the FBI, and the Office of the Director of National Intelligence on September 18.
This _"hack-and-leak"_ campaign began in January 2020, deploying spear phishing and social engineering techniques to compromise high-profile targets.
By 2022, their operations expanded, targeting a former U.S. government official to steal personal information that would aid in identifying future victims.
The U.S. State Department has offered a $10 million reward for information on Jalili, Aghamiri, and Balaghi. Concurrently, the Treasury Department's Office of Foreign Asset Control (OFAC) has designated Jalili for his IRGC involvement, imposing sanctions to thwart foreign interference in U.S. elections.
Assistant Attorney General Matthew G. Olsen stated, _"Iran's hack-and-leak efforts are a direct assault on the integrity of our democratic processes."_

U.S. Army recruiting pages hijacked to display fake 404 errors reading ‘Kurdistan’, exploiting a third-party tool and exposing .mil web security gaps.