• Vulnerable U
  • Posts
  • U.S. Indicts Three Iranians for Alleged Hack-and-Leak Operations

U.S. Indicts Three Iranians for Alleged Hack-and-Leak Operations

The Department of Justice has indicted three Iranian nationals for allegedly operating a long-running hacking campaign that has targeted government officials, media members, and others for several years, and recently evolved into a hack-and-leak scheme designed to undermine public confidence in the upcoming presidential election. 

What Happened: The indictment alleges that Masoud Jalili, Seyyed Ali Aghamiri, and Yaser Balaghi, all members of the Islamic Revolutionary Guard Corps, used spear phishing and social engineering techniques to gain access to the accounts of campaign officials, steal private information, and then distribute that information to media and officials from the rival presidential campaign. 

Why It Matters: The U.S. government has focused its efforts on identifying and disrupting the offensive hacking operations of Iranian state-backed actors for many years, and this indictment puts further pressure on those actors and demonstrates that the FBI and other agencies know who those actors are and are tracking their activities. Although the three men are unlikely to ever appear in a U.S. court, the indictment also makes the public aware of the ongoing activities by foreign actors working to influence U.S. sentiment and elections through hacking and other means. 

The Details: The indictment alleges that the three IRGC members:

  • Gained access to the personal accounts of officials associated with Donald Trump’s campaign through spear phishing and credential harvesting and then used that access to steal sensitive information

  • The actors then sent some of that information to people associated with President Biden’s campaign in June and July 2024

  • Maintained access to the email accounts of some former government officials to obtain sensitive information

The Department of State also issued a $10 million reward for information on Jalili, Aghamiri, and Balaghi, and the Office of Foreign Asset Control designated Jalili.

What the Government Said:  “These hack-and-leak efforts by Iran are a direct assault on the integrity of our democratic processes,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “Iranian government actors have long sought to use cyber-enabled means to harm U.S. interests. 

Further Reading: