On Friday, Microsoft disclosed that it had found evidence that a group of hackers originating from Iran attempted to access email accounts belonging to a 2020 presidential candidate.
In its blog post announcing the discovery, Microsoft declines to name the targeted presidential candidate, but it affirms that their account was not compromised by the threat group the company refers to as Phosphorous. CNBC later reported that the Donald Trump 2020 campaign suffered the cyberattack. However, Tim Murtaugh, the Trump campaign’s communications director told The Verge, “We have no indication that any of our campaign infrastructure was targeted.”-
The campaign was only one out of a group of accounts the Iranian hackers attempted to compromise within a 30-day period between August and September of this year. Microsoft says that its threat intelligence center observed the group making over 2,700 attempts to identify email accounts and then go on to “attack” 241 of them.
“The targeted accounts are associated with a U.S. presidential campaign, current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran,” Tom Burt, Microsoft’s vice president of customer security and trust, said. “Four accounts were compromised as a result of these attempts.”
According to Microsoft, Phosphorous attempted to obtain access to the secondary email accounts linked to the Microsoft ones in order to break into them. They also would try to steal the phone numbers associated with the users. Burt said that the attacks weren’t “technically sophisticated,” but “they attempted to use a significant amount of personal information” belonging to their targets.
Updated at 10/4/2019 at 3:46 p.m.: Updated to include reporting from CNBC.
Updated at 10/4/2019 at 4:56 p.m.: Added Trump campaign statement.