Russian, Chinese and Iranian Hackers Target Trump and Biden Campaign Associates
Hackers from China and Iran are targeting people working on the 2020 election campaigns of both President Donald Trump and Joe Biden, while the same Russian military hackers who interfered with the 2016 Democratic campaign are also involved.
"(It is) clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated, and is consistent with what the US government and others have reported," warned Microsoft in a blog.
The Iranian hacker group, known as Phosphorus, attacked the email accounts of some of those associated with Trump's campaign, while the group from China, Zirconium, attacked the Biden campaign via the personal email accounts of people working with the campaign.
"(Zirconium) has also targeted at least one prominent individual formerly associated with the Trump Administration," said Microsoft.
The attacks on both campaigns were unsuccessful.
The Russian group, Strontium, has attacked more than 200 election-related organizations in the US and Europe, including consultants serving the Republicans and Democrats, the German Marshall Fund of the United States, the European People's Party, and political parties in the UK.
With Strontium's history going back to the 2016 election, Microsoft has been watching them closely.
"Similar to what we observed in 2016," said Microsoft, "Strontium is launching campaigns to harvest people’s log-in credentials or compromise their accounts, presumably to aid in intelligence gathering or disruption operations."
The Chinese hackers have also attacked non-campaign 'targets', including those in the international affairs community and academics in international affairs from more than 15 universities.
+ + +
Thanks for visiting SecAlerts and reading this story. We offer a free weekly CVE alert service, or an hourly service from $US20/mth, both of which include software updates and news relating to your software stack. Join more than 1,300 other users and sign up.
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.