Iran election meddling brings call to action in US


Government officials in the U.S. are sounding the alarm over new reports of election meddling by Iran.

A joint report from the Cybersecurity and Infrastructure Security Agency, the FBI and Office of the Director of National Intelligence claims that hackers aligned with the Iranian regime have already sought to infiltrate the campaigns of both major presidential candidates.

“Iran seeks to stoke discord and undermine confidence in our democratic institutions,” the warning reads.

“Iran has furthermore demonstrated a longstanding interest in exploiting societal tensions through various means, including through the use of cyber operations to attempt to gain access to sensitive information related to U.S. elections.”

According to the trio of agencies, the Iranian activity has gone beyond simply trying to spam social media with disinformation or spread misleading emails. Rather, they said sophisticated hacking teams have sought to plant malware and steal credentials of accounts and systems that would provide them with internal access to both candidates' inner networks.

“In addition to these sustained efforts to complicate the ability of any U.S. administration to pursue a foreign policy at odds with Iran’s interests, the IC has previously reported that Iran perceives this year’s elections to be particularly consequential in terms of the impact they could have on its national security interests, increasing Tehran’s inclination to try to shape the outcome,” the notice read.

“We have observed increasingly aggressive Iranian activity during this election cycle, specifically involving influence operations targeting the American public and cyber operations targeting presidential campaigns.”

The U.S. government is not the only party to notice an infiltration from Iranian threat actors. A report from Recorded Future and Insikt Group identified the offending group as "GreenCharlie," an advanced persistent threat (APT) operation that is said to be linked to the intelligence operation of the Islamic Revolutionary Guard Corps.

Foreign meddling in U.S. elections is nothing new. Dating back to the contentious 2016 election, it was known that foreign intelligence agencies and their hacking group affiliates were seeking to directly infiltrate the campaigns of prominent politicians and agencies in an effort to tip the scales on various closely fought elections through disinformation campaigns and more direct forms of espionage, including data theft.

In this case, the researchers believed that the GreenCharlie group has been active since at least 2024, both setting up the backbone for the hacking campaign and spreading spear phishing emails.

“Iranian IP addresses were identified communicating with GreenCharlie infrastructure, which is likely part of the operation’s spearphishing component,” the report reads.

“GreenCharlie’s victimology includes research and policy analysts, government officials, diplomats, and high-value strategic targets. While Insikt Group has not identified direct evidence of the targeting of US government and political campaign officials, open-source reporting has enabled us to establish a credible link.”
