The cybercriminal group, presumably with the Iranian government standing behind them, tried to interfere in the election campaign of US President Donald Trump. Iranian hackers are going to attack the President’s campaign.
Microsoft experts reported about malicious actions. Sources familiar with the situation said that the operation against attackers was unsuccessful.
According to Microsoft, on Friday experts recorded increased cyber activity of the aforementioned group. Earlier, these government hackers had already attacked former and current US officials, covering the politics of journalists, as well as prominent Iranians living outside the country.
“Today we’re sharing that we’ve recently seen significant cyber activity by a threat group we call Phosphorus, which we believe originates from Iran and is linked to the Iranian government. It is important that we all – governments and private sector – are increasingly transparent about nation-state attacks and efforts to disrupt democratic processes”, — say in Microsoft.
The group got the name “Phosphorous”, its members in the 30-day period more than 2700 times tried to calculate email accounts belonging to specific people. As a result, attackers attacked 241 accounts.
The group was able to compromise four e-mail accounts, but Microsoft assured that these accounts were not connected with US officials.
“Microsoft notified all affected users, and also took measures to protect hacked accounts”, – writes the tech giant.
The blog of the American corporation does not specify the specific government campaign that the Phosphorous hackers tried to attack.
Experts also noted that the attacks of Iranian cybercriminals were not particularly sophisticated.
Hackers simply used the extracted personal information. Phosphorus is also known as APT 35, Charming Kitten and Ajax Security Team. Iranian authorities have not yet commented on the statement by Microsoft.
There are also a range of steps customers can take to help secure their consumer accounts. We strongly encourage all customers to enable two-step verification on their accounts which can be done in Account Security settings.
People can also periodically check their login history, and we recommend this for journalists, political campaigns staff, and others interested in assuring account security. These logs are made available through the Account Security Sign-In Activity tab.