U.S. prosecutors have charged three Iranians for allegedly being behind the hack of a presidential campaign.
The trio worked with the Islamic Revolutionary Guard Corps, which is part of the Iranian Armed Forces, according to U.S. officials.
The scheme started around January 2020 and initially targeted both former and current U.S. officials before turning to a presidential campaign in or around May 2024, prosecutors say.
The hackers used sophisticated techniques in their operation, including fake email accounts that impersonated well-known people and groups, according to charging documents. They used the accounts to send emails to people and would gain access to the people’s computers if they opened the messages. The technique is known as phishing or spear phishing.
“Upon a successful compromise, the conspirators often used their resulting unauthorized access to such victim computers and accounts to send new spear phishing emails to additional victims, leveraging those additional victims’ misplaced trust in the compromised sending email accounts,” an indictment reads. “After obtaining unauthorized access to victim computers and accounts, the conspirators would also steal data from those accounts.”
Jalili, Aghamiri, and Balaghi have been charged with conspiracy to obtain information from a protected computer, wire fraud, and other counts.
They do not have a lawyer listed on the court docket.
All three of the men live in Iran and it’s not clear whether they'll ever be brought to the United States to face charges, although the Department of Justice will pursue them “endlessly,” Attorney General Merrick Garland told a briefing on Friday.
Indictments against foreign actors have several purposes, he said.
“One, and maybe the most significant, is alerting the American people to these kinds of false personas, these kinds of hacking information, these kinds of production of propaganda so the American people can see what’s out there on the Internet and can evaluate it appropriately knowing that it’s a foreign malign influence,” he said.
The scheme was expanded in June to an operation seeking to distribute the stolen campaign material by leaking it to reporters and another presidential campaign, prosecutors say.
Garland said the currently available evidence does not indicate that any people associated with a campaign replied to the hackers.
News outlets have reported receiving some of the material but only described and did not publish it, except for one independent reporter, who posted one of the documents on his website on Thursday.
