The U.S. Justice Department has unsealed charges against three Iranian nationals accused of orchestrating a sophisticated cyberattack targeting former President Donald Trump's 2020 campaign. The indictment, revealed on Friday, charges the trio, identified as members of Iran's Revolutionary Guard Corps, with hacking into Trump's campaign and stealing sensitive emails and documents, which they later tried to share with media outlets and Trump's political rivals, including Joe Biden's campaign.
The three individuals, Masoud Jalili, Seyyed Ali Aghamiri, and Yasar Balaghi, face multiple charges, including wire fraud, identity theft, and computer fraud. Their cyber operation, which took place between 2020 and 2022, represents a broader Iranian attempt to influence the U.S. presidential election. Attorney General Merrick Garland highlighted the seriousness of the situation during a news conference, saying, "We are seeing increasingly aggressive Iranian cyber activity during this election cycle." He emphasized that the United States would not tolerate foreign interference in its democratic processes.
The hackers allegedly used spear-phishing techniques to deceive Trump campaign officials into clicking on malicious links, enabling them to steal emails, debate preparation material, and other internal documents. According to the indictment, they then offered this information to media outlets and Biden's campaign, though there is no indication that these parties acted on the stolen data. Biden's team declined to engage with the material, underscoring the contrast to the 2016 election, during which hacked emails from the Clinton campaign were widely reported.
In addition to the criminal charges, the U.S. Treasury Department has imposed sanctions on the three Iranian nationals and other Revolutionary Guard Corps members. These actions are part of the Biden administration's broader effort to combat foreign interference in U.S. elections, a persistent concern since 2016. While the hackers currently reside in Iran and remain beyond the immediate reach of U.S. law enforcement, Garland warned, "We will follow these people for the rest of their lives."
The Justice Department's charges come amidst other allegations of Iranian interference and intimidation tactics on American soil. In recent weeks, a Pakistani man with ties to Iran pleaded not guilty to charges stemming from a plot to assassinate a U.S. politician in retaliation for the 2020 killing of Qassem Soleimani, Iran's top military commander.
This cyberattack is just one element of a broader pattern of foreign meddling in the 2024 election. U.S. officials have pointed to Russian and Chinese efforts to influence the election, each with its own strategic interests. While Russia is reportedly working to aid Trump's campaign, Iran appears to be focused on undermining him. Meanwhile, China is believed to be influencing local elections in ways that benefit Beijing's interests.
Matthew Olsen, head of the Justice Department's National Security Division, recently warned of an "unprecedented" level of foreign interference in the upcoming election. Olsen emphasized the shared goals of these foreign powers, which include sowing discord among Americans and eroding trust in the democratic process. "Foreign governments are seeking to undermine our democracy," Olsen said. "They're promoting their own authoritarian goals by exacerbating divisions within our country."
The indictment also underscores the use of sophisticated cyber tactics by Iran. A hacking group known as APT42, or "Charming Kitten," was identified as the cyber team behind the attack. According to cybersecurity experts, this group is known for using surveillance software to spy on individuals, recording calls, and gaining access to text messages. Their broader activities include targeting dissidents and defectors on U.S. soil, as well as threatening prominent American politicians.
