FBI probing alleged Iran hack attempts targeting Trump, Biden camps

The FBI is investigating suspected hacking attempts by Iran targeting both a Trump associate and advisers to the Biden-Harris campaign, according to people familiar with the matter, as the agency formally acknowledged Monday it has opened a high-stakes national security investigation months before Election Day.

Three staffers on the Biden-Harris campaign received spear phishing emails that were designed to appear legitimate but could give an intruder access to the recipients’ communications, according to people familiar with the matter who spoke on the condition of anonymity to describe a sensitive investigation. So far, investigators have not found evidence that those hacking attempts were successful, these people said.

The FBI began the investigation in June, suspecting Iran was behind the attempts to steal data from two U.S. presidential campaigns. Agents contacted Google, among other companies, to discuss what appeared to be a phishing effort targeting people associated with the Biden campaign, these people said.

The new details show the investigation is broader and involves more potential victims than previously known. It also underscores the degree to which hacking by foreign nations targeting U.S. political candidates may simply be a recurring feature of politics in the digital age. U.S. officials concluded that Russia interfered in the 2016 presidential election to help Donald Trump, including by hacking and releasing internal emails and documents from Democrats.

“We can confirm the FBI is investigating this matter,” the agency said in a brief statement. On Saturday, the FBI said only that it was aware of media reports of an alleged hack. The Trump campaign said it had been hacked after reporters received copies of an internal campaign vetting document on Sen. JD Vance (R-Ohio), Donald Trump’s running mate.

An official with the Harris campaign said it “vigilantly monitors and protects against cyberthreats, and we are not aware of any security breaches of our systems.” The attempted intrusion took place before President Joe Biden announced that he would not stand for reelection and endorsed Vice President Kamala Harris, now the Democratic nominee.

While the FBI suspects Iran is behind the phishing attempts that were tracked in June, it is less clear to investigators whether the nation is also responsible for the sending of internal campaign data to reporters, according to people familiar with the matter. The Washington Post and Politico have both reported they were contacted by a person claiming to have access to internal Trump campaign documents who used an AOL account and the name “Robert.” The Trump campaign has blamed Iran for those leaks.

The FBI investigation raises the stakes for both the presidential contest, already rife with accusations of dirty tricks and election interference, and the government’s credibility in assuring a fair election.

When the Trump campaign initially concluded it had been hacked, it did not alert the FBI, according to campaign advisers. The decision not to alert the FBI was made partially because of the campaign’s distrust of the agency, the people said.

Trump, who blamed Democrats for poor information security when they were hacked in 2016, has expressed frustration over the hack, these people said.

People familiar with the matter said the phishing attempt appears to have succeeded in compromising the communications of at least one person not formally connected to either campaign: Roger Stone, a longtime friend and adviser to Trump.

“I was informed by the authorities that a couple of my personal email accounts have been compromised,” Stone said in a brief interview. “I really don’t know more about it. And I’m cooperating. It’s all very strange.”

Stone’s account was used to send emails to the Trump campaign containing a link that, if clicked, could have allowed Iran to intercept the target’s other emails, the people familiar with the matter said.

That Stone was an apparent victim in the effort is remarkable given his long, tangled history with hacked emails. Stone was convicted of seven felonies, including lying about his attempts during the 2016 presidential campaign to get details of Hillary Clinton’s private emails from the anti-secrecy group WikiLeaks. Trump pardoned him in 2020 a month before he left office.

The Trump campaign did not respond to questions about the FBI’s investigation, but on Saturday spokesman Steven Cheung said the documents received by reporters “were obtained illegally from foreign sources hostile to the United States, intended to interfere with the 2024 election and sow chaos throughout our Democratic process.”

A Trump adviser said additional measures, designed by outside consultants, were now being taken to secure emails. Staff members have also been instructed not to put any sensitive documents or information in emails, given that the campaign believes multiple foreign countries are trying to hack them, this person said.

Last week, Microsoft issued a public report warning that Iranian hackers had tried to break into the email account of a “high-ranking official” on a U.S. presidential campaign in June. The company did not publicly identify the campaign or confirm whether it believed the hack had been successful, but a person familiar with Microsoft’s work confirmed that the report’s reference was to the Trump campaign.

While that evidence is part of what is being investigated by the FBI, it’s now clear that agents are pursuing a larger set of alleged hacking attempts than what the Microsoft report describes.

Over the weekend, a spokesman for Iran’s permanent mission to the United Nations issued a statement dismissing the allegations of such hacking, saying: “We do not accord any credence to such reports. The Iranian Government neither possesses nor harbors any intent or motive to interfere in the United States presidential election.”

U.S. intelligence officials said in July that Iran is working to stoke societal discord in the United States and undermine Trump’s bid to regain the White House, a repeat of Iranian efforts in 2020.

Prosecutors in New York last month also charged a Pakistani man with ties to Iran in a murder-for-hire plot to assassinate a politician or U.S. government official on American soil. The alleged Iranian-backed plot, however, had raised concerns about Trump’s safety in the weeks before the apparently unrelated attempt on his life at a July rally, according to U.S. officials familiar with the investigation who spoke on the condition of anonymity to describe internal discussions.