Former President Donald Trump’s presidential campaign announced on Saturday that it has been hacked and suggested that Iranian actors may have been involved in the theft and distribution of sensitive internal documents.
While the campaign did not provide specific evidence linking Iran to the hack, the claim comes a day after Microsoft released a report detailing attempts by foreign agents to interfere in the 2024 U.S. presidential campaign. The report cited an incident in June where an Iranian military intelligence unit allegedly sent a spear-phishing email to a high-ranking official of a presidential campaign using a compromised email account of a former senior advisor.
Trump campaign spokesperson Steven Cheung attributed the hack to “foreign sources hostile to the United States.” A National Security Council spokesperson stated that any report of foreign interference is taken “extremely seriously” and condemned any government or entity attempting to undermine confidence in U.S. democratic institutions. The spokesperson deferred the matter to the Justice Department.
In response, Iran’s mission to the United Nations denied involvement, stating, “We do not accord any credence to such reports. The Iranian government neither possesses nor harbors any intent or motive to interfere in the United States presidential election.”
However, Iran has long been suspected of conducting hacking campaigns targeting its adversaries both in the Middle East and globally. Tehran has also repeatedly threatened retaliation against Trump for the 2020 drone strike that killed Revolutionary Guard Gen. Qassem Soleimani.
This past week, the U.S. Justice Department unsealed criminal charges against a Pakistani national with ties to Iran, who allegedly plotted assassination attempts against U.S. political figures, including Trump. The court documents noted Iran’s desire to avenge Soleimani’s killing and conduct operations against perceived enemies of the regime.
The hacking incident was first reported by Politico, which noted that it began receiving emails on July 22 from an anonymous AOL account identified only as “Robert.” The source shared what appeared to be a research dossier compiled by the Trump campaign on the Republican vice-presidential nominee, Ohio Sen. JD Vance, dated February 23—nearly five months before Trump selected Vance as his running mate.
“These documents were obtained illegally and are intended to interfere with the 2024 election and sow chaos throughout our democratic process,” Cheung stated. He referenced Microsoft’s report, which concluded that Iranian hackers had breached the account of a “high-ranking official” on a U.S. presidential campaign in June 2024, around the time Trump was selecting his vice-presidential nominee.
Cheung warned that “any media or news outlet reprinting documents or internal communications is doing the bidding of America’s enemies and playing into their hands.”
When asked about the campaign’s interactions with Microsoft on the matter, Cheung did not respond immediately. Microsoft declined to comment further beyond its blog post and report released on Friday.
In that report, Microsoft noted that foreign interference in the 2024 U.S. election has been gradually increasing, with initial activity by Russian actors, followed by more recent activity from Iranian sources. The analysis emphasized that Iranian cyber-enabled influence operations have been a consistent element in the last three U.S. election cycles, typically surfacing later in the election season and focusing more on cyberattacks aimed at election conduct rather than swaying voter opinions.
The report detailed that in June 2024, an Iranian military intelligence unit known as Mint Sandstorm sent a phishing email to an American presidential campaign via the compromised account of a former advisor. The email contained a fake forward with a hyperlink directing traffic through a domain controlled by the attackers before redirecting to the listed domain.
Vice President Kamala Harris’ campaign did not immediately respond to requests for comment regarding the reported hacking or the Democratic nominee’s cybersecurity protocols.
Source: AP
