Recent claims by former president Donald Trump that he was hacked by Iran are true, according to a confirmation from Google. The mega-company, which provides email, cloud storage, and what seems like a zillion other services, said both Trump’s campaign and the campaign of Vice President Kamala Harris were digitally broken into by Iranian operatives.
On August 13, Harris’ campaign said that “foreign hackers” had targeted her campaign’s stored information, just a few days after the Trump camp said the same. Major media including Politico and the New York Times received private documents from the Trump campaign by an anonymous individual calling himself only “Robert.” Surprisingly, the outlets did not share the contents of these sensitive materials, but reported on the hacking and only described them in general terms.
It is not clear whether media organizations received comparable insider documents from the Harris campaign; the Harris camp said they’re not aware of the thieves actually getting their hands on any information despite the fact that they did digitally intrude.
Google released a “threat report” on August 13 confirming that a group allied with the Islamic Revolutionary Guard Corps in Iran was behind the break-ins. The group is known as APT42, and has been targeting highly placed officials in both Israel and the U.S. In addition, Google says APT42 is continually trying to break into personal online accounts of people with a relationship to President Joe Biden, Kamala Harris, and Donald Trump.
How do they go about it? Google says APT42 uses commonly known tactics including “phishing.” That’s the practice of posing as someone or some organization known to the target. Hackers do this in order to dupe victims into giving out information that will allow the thieves digital access to the target’s private files. They try to get things like usernames and passwords that will open up a target’s Gmail or Google Drive accounts, for example.
A popular way to do this is for thieves to set up fake websites that look just like the sites for a bank or legitimate organization. The unsuspecting victim then “logs in” after getting an email “from the organization.” And then boom, the hackers have their usernames and passwords.
This is not the first time Google has come up against APT42. The information giant said it foiled several attempted break-ins by the group into the 2020 presidential campaigns of Joe Biden and Donald Trump.