US media reported in the runup to the US midterm elections that an Iranian hacker group was posing a threat. According to the report, the group operates from the Iranian cybersecurity firm Emennet Pasargad on behalf of the Iranian government:
Oct 28, 2022 With the 2022 midterms now just days away, there are concerns that foreign actors could be working to undermine the U. S. elections process. This month, the FBI warned that an Iranian government-tied hacker group that previously tried to interfere in the 2020 election is currently active, and could pose a serious threat. The group is believed to operate from the Iranian cybersecurity firm Emennet Pasargad, and the group works at the behest of Tehran. The group has conducted a number of hack-and-leak cyber operations against Israeli interests, but also hacks organizations and leaks potentially sensitive material online using made-up “hacktivist” personas via social media. It also used many of those same techniques to target U. S. entities during the 2020 Presidential election. The group is believed to be behind a campaign that was meant to intimidate and influence American voters, and otherwise undermine voter confidence and sow discord. Though Tehran denied involvement in the campaign to influence the outcome of the 2020 election, the U. S. Department of Justice (DOJ) subsequently charged two Iranian nationals for their efforts to compromise voter registration in 11 states. In 2021, the Department of the Treasury also sanctioned the Iranian firm, along with six Iranians affiliated with it. According to the DOJ, the two individuals, Seyyed Mohammad Hosein Musa Kazemi and Sajjad Kashian, obtained confidential U. S. voter information from at least one state election website; sent threatening email messages to intimidate and interfere with voters; created and disseminated a video containing disinformation about purported election infrastructure vulnerabilities; attempted to access, without authorization, several states’ voting-related websites; and successfully gained unauthorized access to a U. S. media company’s computer network. The pair is believed to have carried out their efforts between August and November 2020.
Read the rest here.
In February, the Global Influence Operations Report (GIOR) reported that the State Department was offering was $10 million reward for information on two hackers who allegedly participated in an Iranian state-sponsored cyber operation targeting the 2020 US presidential election.