The U.S. filed criminal charges against a trio of operatives tied to Iran’s Islamic Revolutionary Guard Corps, alleging they carried out hacking activities aimed at disrupting the upcoming U.S. presidential election.
The allegations, unsealed Friday, say Masoud Jalili, Seyyed Ali Aghamiri and Yasar Balaghi carried out a yearslong hacking effort and were involved in a hack and leak operation against former president Donald Trump’s campaign this summer.
The Treasury Department on Friday also levied sanctions on several IRGC members, including Jalili.
The recent hacking activity, which first surfaced in early August, was initially attributed to Tehran, after the campaign flagged a Microsoft report released on Aug. 8 that found, in part, that hackers “sent a spear-phishing email to a high-ranking official of a presidential campaign from a compromised email account of a former senior advisor.”
The disclosures came after an individual reached out to at least three major news outlets offering to provide reporters with obtained internal campaign documents, including a vetting dossier on Trump running mate JD Vance, a Republican senator for Ohio.
The activity first began in May this year, the U.S. alleges. The indictment also references a recently-disclosed attempt by Iran to transmit non-public materials from the Trump campaign to people associated with President Joe Biden’s campaign during his now-ended run for reelection.
The Tehran-backed hackers are said to have used various tools and techniques to gain unauthorized access to protected U.S. computers, including static IP addresses from Iranian companies, VPNs to hide their location and spoofed login pages. They used social engineering, malware and cloud services to compromise accounts, and in some cases, maintained long-term access to these accounts, the charges say.
Iran’s foreign ministry did not immediately return a request for comment.
“You and your hackers can’t hide behind your keyboards. If you try to meddle in our elections, we’re going to hold you accountable,” FBI Director Chris Wray said in a video announcing the charges. “If you try to attack our infrastructure or commit violence against our citizens, we’re going to disrupt you. And as long as you keep attempting to flout the rule of law, you’re going to keep running into the FBI.”
News outlets have largely chosen not to publish the leaked Trump campaign dossier, citing a lack of news and the desire to not repeat patterns exhibited by the media industry when Russian operatives hacked and leaked documents from Hillary Clinton’s 2016 presidential campaign. Independent journalist Ken Klippenstein published the 271-page document this week on the Subtack platform. His account on X (formerly Twitter) was suspended after promoting links to the document.
Intelligence agencies say Iran, Russia and China are the three leading countries involved in U.S. election meddling this year. Russia has been tabbed by US authorities as the leading player in these efforts, which have involved state-run media accounts and disinformation operations.
Earlier this month, the U.S. accused Russia of running a multi-pronged campaign that targeted U.S. voters ahead of November’s presidential election, unveiling a slew of criminal charges, sanctions and the seizure of several internet domains to push back against the efforts.
The Trump presidency in 2017 became the center of controversy when the Justice Department launched an investigation into whether Russia interfered in the 2016 presidential election. Special Counsel Robert Mueller later determined Trump and his allies had encouraged the hack but that there was insufficient evidence to bring criminal charges against the former president.