Google has revealed that Iranian-backed hackers are targeting the election campaigns of Democratic presidential candidate Kamala Harris and her Republican opponent Donald Trump. A report from Google regarding cyber threats indicated that a hacking group known as APT42, linked to the Iranian Revolutionary Guard, has attempted to breach high-profile individuals and organizations in both Israel and the U.S., including government officials and election campaigns.
Harris's campaign announced on Tuesday that it had been targeted by foreign hackers, just days after Trump's campaign claimed it had been hacked by Iran. A Harris campaign official stated, "In July, our legal and security teams informed the FBI that we were a target of foreign influence operations."
The report mentioned that Google's threat analysis division is still monitoring failed attempts by APT42 to hack the personal accounts of individuals linked to President Joe Biden and Vice President Harris, in addition to Trump. The hacking group operates by gathering information on targets and devising phishing schemes to deceive victims into revealing their account passwords, such as for Gmail accounts.
The report provided examples of this, including hackers posing as research organizations or trustworthy contacts to lure victims into fake video meetings, where a password is required to log in to participate. While the hackers employ various intrusion techniques, some choose "social engineering" methods that prompt victims to click on a malicious link or log into a replica of a legitimate webpage.
Google noted that it thwarted APT42's attempts to hack the Biden and Trump campaigns in 2020. According to the report, the list of targets for the Iranian hacking group in May and June of this year included attempts to breach the personal email accounts of around ten individuals close to Biden or Trump, but those were blocked by Google. The company also stated that the group hacked a personal Gmail account of a prominent political advisor.
It affirmed, "APT42 is an advanced and persistent threat that shows no signs of stopping its attempts to target users and is deploying new tactics." It added, "In the spring and summer, they demonstrated the capability to conduct multiple phishing campaigns simultaneously, with a particular focus on Israel and the United States."
Google urged at-risk individuals connected to the upcoming elections to remain vigilant and take advantage of the intensive defenses provided by the company. On Monday, the U.S. State Department warned Iran about the consequences of any interference in the elections after Trump's campaign announced it had been hacked. Trump's campaign accused Iran on Saturday of being behind the hacking and distribution of documents related to J.D. Vance, the Republican vice presidential candidate. The campaign warned the media against using these documents, stating that such actions serve "America's enemies."