Feds charge 3 Iranians with 'hack-and-leak' of Trump 2024 campaign

Snoops allegedly camped out in inboxes well into September


The US Department of Justice has charged three Iranians for their involvement in a "wide-ranging hacking campaign" during which they allegedly stole massive amounts of materials from Donald Trump's 2024 presidential campaign and then leaked the information to media organizations.

The 18-count indictment [PDF], unsealed on Friday, accuses Masoud Jalili, Seyyed Ali Aghamiri, and Yasar Balaghi of multiple crimes, including wire fraud, identity theft, conspiracy to provide material support to a terrorist organization, and conspiracy to compromise computer systems.

All three are allegedly members of Iran's Islamic Revolutionary Guard Corps (IRGC), and have been accused of using "spear phishing and social engineering techniques to target and compromise the accounts of current and former US government officials, members of the media, non-governmental organizations, and individuals associated with US political campaigns," according to the court documents.

In May, after "several years" of compromising US government officials' email accounts, the Tehran-backed trio gained access to the personal inboxes of people working for a "US presidential campaign," the indictment alleges.

They then used this unauthorized access to steal "non-public campaign documents and emails," and by June began leaking these purloined papers to members of the media and the Biden campaign, it is claimed. Politico, The New York Times, and The Washington Post were offered pilfered documents to publish, and declined to do so.

While the court documents don't name any of the campaign-related victims of this alleged "hack-and-leak operation," it's clear from earlier reporting and the FBI's previous advisory that "US Presidential Campaign 1" is Team Trump. The campaign-related victims whose personal email accounts were compromised, according to the indictment, are:

As recently as this month, the Iranians seemingly still had a presence in these compromised inboxes, according to the court documents. There is also separate evidence that intruders were still within the Trump campaign's email accounts this month.

According to the Feds, the stolen campaign documents included "debate preparation materials, materials regarding US Presidential Campaign 1's potential vice-presidential candidates, and email communications with US Victim 14," which is the former State Department official. This also seems to indicate the recently leaked JD Vance dossier was included in the stolen goods offered to various journos.

That dossier is a 271-page opposition research file on Vance, which was published by an independent journalist on his website after obtaining the document.

Incidentally, Elon Musk's X (formerly Twitter) has blocked links to that leak and suspended the account of the journo. We note that after social networks halted the spread of the New York Post's story in 2020 about the contents of Hunter Biden's laptop, Musk in 2022 tweeted: "Suspending the Twitter account of a major news organization for publishing a truthful story was obviously incredibly inappropriate."

Back on track, in a call with reporters today, the FBI declined to comment when your vulture asked agents to confirm that the JD Vance papers were among those stolen and leaked by the Iranians.

And when asked how sure the US government is that the Iranians are off the networks and out of email inboxes of US political candidates, a senior FBI official told us: "You can never be fully confident that you have eradicated them from an environment, and so we remain fully engaged with the victims in this case, which include presidential campaigns as well as individuals associated with those campaigns."

'Brazen behavior'

"Today's charges," FBI Director Christopher Wray said separately in a video statement, "represent the culmination of a thorough and long-running FBI investigation that has resulted in the indictment of three Iranian nationals for their roles in a wide-ranging hacking campaign sponsored by the government of Iran.

"The conduct laid out in the indictment is just the latest example of Iran's brazen behavior. So today the FBI would like to send a message to the government of Iran – you and your hackers can't hide behind your keyboards."

In addition to the criminal charges, the State Department has offered a $10 million reward for information about the three Iranian men, and the Treasury Department released new sanctions targeting seven individuals linked to the hacking effort. ®
