F.B.I. Investigating Efforts to Infiltrate Presidential Campaigns, Possibly by Iran
The F.B.I. said on Monday that it was investigating what appeared to be the hacking of the Trump campaign and an effort to gain access to the accounts of top Democrats in a cyberattack possibly originating from Iran, according to a senior law enforcement official.
In a brief statement, an F.B.I. spokeswoman confirmed that the bureau was investigating “a campaign cyberintrusion,” days after former President Donald J. Trump said Iran had targeted his campaign. The bureau did not specifically name Iran or Mr. Trump. Nor did the bureau address the extent of the breach or the possibility that it encompassed other campaigns or political figures.
But investigators are also looking into an attempt to infiltrate accounts associated with the Democrats’ presidential campaign, according to the law enforcement official with knowledge of the situation. The timing of the attempt was unclear, though the official added that there was no indication that the effort had succeeded. Vice President Kamala Harris’s team, which carefully monitors cyberthreats, is not aware of any breach to its systems, according to a campaign official who spoke on the condition of anonymity to discuss security arrangements.
On Friday, Microsoft said a hacking group affiliated with Iran’s Islamic Revolutionary Guard Corps had infiltrated the account of a former top aide to an unnamed presidential campaign. Mr. Trump’s longtime adviser Roger J. Stone said Microsoft contacted him a few months ago, saying that his Hotmail email account had been compromised and that it believed the culprit to be Iran, he said in a phone interview on Monday evening.
A few weeks later, he got a call from the F.B.I. that his Gmail account had also been hacked — and the bureau believed that his account had been used by malign actors to successfully gain access to the internal communications of other people in Mr. Trump’s political operation, Mr. Stone added.
The F.B.I. has repeatedly warned about foreign countries meddling in the upcoming election, including using artificial intelligence to spread misinformation. It has singled out Iran, China and Russia in particular. Russia has a long history of trying to sow chaos in American elections, targeting the Democratic National Committee in 2016.
In a statement, Iran’s mission to the United Nations denied the accusations. “The Iranian government neither possesses nor harbors any intent or motive to interfere in the United States presidential election,” it said.
The scope of the breach of the Trump campaign remains unclear, but investigators anticipate further attempts by the hackers to disseminate other materials, officials said. The material sent to news organizations like The New York Times included research and planning documents.
Phishing attacks, of the type used in the Trump breach, tend to be broad-based efforts using a large volume of emails containing malicious links. It takes only one or two of the recipients to click on a link to precipitate a major intrusion.
Microsoft said that the hacking group believed to be behind the breach, Mint Sandstorm, used a compromised account to send fake emails to worm into the campaign’s own accounts and databases in an effort to disrupt and delegitimize the democratic process.
On Saturday, Mr. Trump asserted that hackers had collected only publicly available information. “We were just informed by Microsoft Corporation that one of our many websites was hacked by the Iranian Government — Never a nice thing to do!” he wrote on his social media site.
His disclosure came after news outlets, including Politico, reported receiving a trove of internal campaign documents from an anonymous AOL account whose only identity was the name Robert. Among the records was a lengthy dossier assessing the candidacy of Mr. Trump’s running mate, Senator JD Vance of Ohio.
The New York Times also received what appears to be a similar, if not the same, set of information.
Iran’s effort to infiltrate Mr. Trump’s campaign comes after warnings that the country was plotting to kill the former president. In 2020, Mr. Trump authorized a drone strike in Iraq that killed Maj. Gen. Qassim Suleimani, the commander of the Quds Force, a secretive wing of the Revolutionary Guards that is responsible for external operations.
Last week, the Justice Department charged a Pakistani man with ties to Iran with trying to hire someone to kill political figures in the United States, including potential targets such as Mr. Trump.
That Mr. Stone, a fiery provocateur who came of age in the rough-and-tumble Nixon era of Republican politics, seems to have been the inadvertent conduit for a serious breach of Mr. Trump’s cybersecurity is noteworthy.
In 2016, Mr. Stone was among a group of senior Trump advisers who sought to maximize on social media the damage inflicted on Hillary Clinton’s presidential campaign by the WikiLeaks hack of Democratic National Committee officials and others on the Clinton team.
Mr. Stone was later convicted of lying to Congress in connection with the investigation into Russian efforts to undermine Mrs. Clinton and the role they said he played as an intermediary between the campaign and WikiLeaks. Mr. Stone maintained his innocence and denied involvement. Mr. Trump pardoned him shortly before leaving office.
“I’m cooperating in every way,” Mr. Stone said on Monday about his current interactions with federal investigators.
