On Saturday, former President Donald Trump’s presidential campaign said its website had been hacked and insinuated that Iranian actors were involved in the theft and distribution of sensitive internal documents.
The campaign did not provide specific evidence of Iranian involvement, but the claim comes a day after Microsoft released a report detailing attempts by foreign actors to interfere in the U.S. campaign in 2024.
He cited an instance in which an Iranian military intelligence unit in June sent “a spear-phishing email to a high-ranking presidential campaign official from a compromised email account of a former senior adviser.”
Trump campaign spokesman Steven Cheung attributed the attack to “foreign sources hostile to the United States.” A spokesperson for the National Security Council said in a statement that it takes “extremely seriously” any reports of improper foreign interference and condemns any government or entity that attempts to undermine confidence in U.S. democratic institutions, but said it had referred the matter to the Justice Department.
Iran’s mission to the United Nations, when asked about the Trump campaign’s claims, denied involvement. “We do not give any credence to these reports,” the mission told The Associated Press. “The Iranian government does not have or harbor any intent or motive to interfere in the United States presidential election.”
However, Iran has long been suspected of conducting hacking campaigns targeting its enemies in the Middle East and beyond. Tehran has also long threatened to retaliate against Trump for the 2020 drone strike he ordered that killed prominent Revolutionary Guard general Qassem Soleimani.
Last week, the U.S. Department of Justice unsealed criminal charges against a Pakistani national with ties to Iran, who is accused of plotting assassination attempts against political figures in the United States, potentially including Trump, and seeking to hire would-be hitmen who were actually undercover law enforcement officers. Court documents in that case pointedly underscored Iran’s desire to conduct operations against perceived enemies of the regime and avenge Soleimani’s killing.
Politico first reported the hack Saturday. The outlet said it began receiving emails on July 22 from an anonymous account. The source, an AOL email account identified only as “Robert,” forwarded what appeared to be a research dossier the campaign had apparently done on Republican vice presidential nominee Sen. J.D. Vance of Ohio. The document was dated Feb. 23, nearly five months before Trump picked Vance as his running mate.
“These documents were obtained illegally” and “were intended to interfere with the 2024 elections and sow chaos in our democratic process,” Cheung said.
He pointed to a Microsoft report released Friday and its findings that “Iranian hackers broke into the account of a ‘high-ranking official’ of the U.S. presidential campaign in June 2024, which coincides with the close timing of President Trump’s selection of a vice presidential candidate.”
“The Iranians know that President Trump will end their reign of terror, just as he did in his first four years in the White House,” Cheung said, adding a warning: “Any media outlet or news organization that republishes internal documents or communications is doing the bidding of America’s enemies and doing exactly what they want.”
Cheung did not immediately respond to questions about the campaign’s interactions with Microsoft on the matter. Microsoft said Saturday it had no comment beyond its blog post and Friday’s report.
In that report, Microsoft said that “foreign malign influence surrounding the 2024 U.S. election started slowly but has steadily accelerated over the past six months driven initially by Russian operations, but more recently by Iranian activity.”
The analysis continues: “Iranian cyber-enabled influence operations have been a consistent feature of at least the last three U.S. election cycles. Iran’s operations have been notable and distinguishable from Russian campaigns by appearing later in the election season and by employing cyberattacks geared more toward election conduct than voter influence.”
“Recent activity suggests that the Iranian regime, along with the Kremlin, may be equally engaged in the 2024 elections,” Microsoft concluded.
Specifically, the report detailed that in June 2024, an Iranian military intelligence unit, Mint Sandstorm, sent a phishing email to a U.S. presidential campaign via a compromised account of a former adviser.
“The phishing email contained a fake forward with a hyperlink that routes traffic through a domain controlled by the actor before redirecting it to the listed domain,” the report states.
Vice President Kamala Harris’s campaign did not immediately respond to a request for comment on the alleged hack or the Democratic nominee’s cybersecurity protocols.