Skip to main content

Iranian hacker group focuses on US election websites, media, ahead of vote, Microsoft says

1 min

An Iranian hacking group is actively scouting U.S. election-related websites and American media outlets as election day nears, according to a new Microsoft blog published on Wednesday. Researchers say the activity suggests "preparations for more direct influence operations."

Iran's mission to the United Nations did not immediately respond to a request for comment © Mena Today 

An Iranian hacking group is actively scouting U.S. election-related websites and American media outlets as election day nears, according to a new Microsoft blog published on Wednesday. Researchers say the activity suggests "preparations for more direct influence operations."

The hackers – dubbed Cotton Sandstorm by Microsoft and linked to Iran's Islamic Revolutionary Guard Corps – performed reconnaissance and limited probing of multiple "election-related websites" in several unnamed swing states, the report notes. In May, they also scanned an unidentified U.S. news outlet to understand its vulnerabilities.

"Cotton Sandstorm will increase its activity as the election nears given the group's operational tempo and history of election interference," researchers wrote. The development is particularly concerning because of the group's past efforts.

Iran's mission to the United Nations did not immediately respond to a request for comment. In recent past comments, they denied any involvement in 2024 election-related hacking activity.

In 2020, Cotton Sandstorm launched a different cyber-enabled influence operation shortly before the last presidential election. Posing as the right-wing "Proud Boys," the hackers sent thousands of emails to Florida residents, threatening them to "vote for Trump or else!".

The group also released a video on social media, purporting to come from hacktivists, where they showed them probing an election system. While that operation never affected individual voting systems, the goal was to cause chaos, confusion and doubt, senior U.S. officials said at the time.

Following the 2020 election, Cotton Sandstorm also ran a separate operation that encouraged violence against U.S. election officials who had denied claims of widespread voter fraud, Microsoft said.

The Office of the Director of National Intelligence, which is coordinating the federal effort to defend the election from foreign influence, did not immediately respond to a request for comment.

By Christopher Bing and A.J. Vicens

Related

Syria

Foreign armies in Syria and how they came to be there

The resurgence of fighting in Syria has brought into focus the role of foreign powers in the country. Turkey, Iran, Russia and the United States have all deployed troops in Syria since 2011, while Israel mounts frequent airstrikes in Syrian territory.

Subscribe to our newsletter

Mena banner 4

To make this website run properly and to improve your experience, we use cookies. For more detailed information, please check our Cookie Policy.

  • Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.