A ‘threat group’ believed to originate in Iran has attacked some 241 email accounts, including some associated with a US presidential campaign and current and former US officials, according to Microsoft.
The hacking group, dubbed “Phosphorous,” used personal information gathered by researching the targets, including phone numbers, to game password reset and account recovery features and gain entry into their email accounts, Microsoft reported on Friday.
While the attacks were “not technically sophisticated,” they still managed to compromise four of the targeted accounts – though not, Microsoft stressed, any of those associated with presidential campaigns or government officials.
Between August and September, Phosphorous made over 2,700 attempts to identify targets’ email accounts and then attacked 241 of them, Microsoft claims. In addition to government figures, they went after journalists and prominent Iranian expats. The amount of personal information used suggests the hackers are “highly motivated and willing to invest significant time and resources” gathering information, the company warned.
Microsoft believes Phosphorous is connected to the Iranian government, though the company did not explain how it reached that conclusion, and that they are operating from within Iran.
The company also took the opportunity to advertise its AccountGuard software, which monitors sign-in efforts and password resets, and its “Defending Democracy Program,” including ElectionGuard – a “cybersecurity toolkit” developed in partnership with a defense contractor owned by the Pentagon to “secure” democratic elections. The latter has raised eyebrows from privacy advocates who don’t believe the Pentagon has any business “protecting” the vote.
If you like this story, share it with a friend!