Microsoft said in a blog post Friday that hackers linked to the Iranian government made more than 2,700 attempts to access email addresses belonging to a 2020 U.S. presidential candidate, government officials, journalists and prominent Iranians living abroad.
The hackers, identified in the post as "Phosphorus" targeted the presidential candidate's email account as well as 240 others during a 30-day period between August and September this year. According to the tech giant, "the Microsoft Threat Intelligence Center (MSTIC) observed Phosphorus making more than 2,700 attempts to identify consumer email accounts belonging to specific Microsoft customers and then attack 241 of those accounts. The targeted accounts are associated with a U.S. presidential campaign, current and former U.S. government officials, journalists covering global politics and prominent Iranians living outside Iran."
Citing two officials with knowledge of the matter, the New York Times reported the email address belonging to the presidential candidate hackers attempted to gain access was President Donald Trump's.
Microsoft says four of the 241 accounts were compromised as a result of the hackers' efforts, but none of those were associated with the U.S. presidential campaign or any current or former U.S. government officials. The customers whose emails compromised in the attack have been notified by Microsoft and the company is working with them to secure their accounts.
The hackers used information gathered online after researching their targets using that to game password reset or account recovery features. In one example, the hackers would try to first gain access to a secondary email account linked to the Microsoft account they were targeting, and then use that to gain access by using verification sent to the secondary accounts. Other attempts involved using the target's phone numbers in authenticating password resets.
"While the attacks we’re disclosing today were not technically sophisticated, they attempted to use a significant amount of personal information both to identify the accounts belonging to their intended targets and in a few cases to attempt attacks," Microsoft wrote.
The company says the effort by hackers were reflective that the group was "highly motivated" and willing to "invest significant time and resources" to take over their target's email accounts.
Hackers all over the world, including Russia and North Korea have been targeting organizations and others who are working closely with presidential candidates, security researchers and intelligence officials.
Photo: Getty Images