Tipsheet

Here's Who the Trump Team Is Blaming for Hacking Their Campaign

The Trump campaign had internal communications leaked on Saturday. A dossier on JD Vance was some of the files that were seized by whoever broke into the campaign’s servers. These files were sent to Politico starting on July 22 from someone named “Robert.” Court and legal documents were also taken by this individual, along with “internal campaign discussions.” The Trump camp has alleged that Iran is behind this operation (via Politico):

Former President Donald Trump’s campaign said Saturday that some of its internal communications had been hacked. 

The acknowledgment came after POLITICO began receiving emails from an anonymous account with documents from inside Trump’s operation. 

[…] 

On July 22, POLITICO began receiving emails from an anonymous account. Over the course of the past few weeks, the person — who used an AOL email account and identified themselves only as “Robert” — relayed what appeared to be internal communications from a senior Trump campaign official. A research dossier the campaign had apparently done on Trump’s running mate, Ohio Sen. JD Vance, which was dated Feb. 23, was included in the documents. The documents are authentic, according to two people familiar with them and granted anonymity to describe internal communications. One of the people described the dossier as a preliminary version of Vance’s vetting file. 

The research dossier was a 271-page document based on publicly available information about Vance’s past record and statements, with some — such as his past criticisms of Trump — identified in the document as “POTENTIAL VULNERABILITIES.” The person also sent part of a research document about Florida Sen. Marco Rubio, who was also a finalist for the vice presidential nomination. 

The person said they had a “variety of documents from [Trump’s] legal and court documents to internal campaign discussions.” 

Asked how they obtained the documents, the person responded: “I suggest you don’t be curious about where I got them from. Any answer to this question, will compromise me and also legally restricts you from publishing them.” 

The scope of the information obtained by the hacker is unclear. But it represents a major security breach for Trump’s campaign. 

These breaches come as Microsoft reported that Iran-backed hackers had targeted a presidential candidate in June. The company did stop short in saying these operations are motivated by the 2024 election: 

Iran-backed hackers targeted a high-ranking official at an unidentified U.S. presidential campaign in a June spear-phishing attack, Microsoft said in a new report released Friday. 

Why it matters: Several Iranian groups have started to launch aggressive disinformation and hacking campaigns to influence the outcome of the 2024 U.S. presidential elections, Microsoft said. 

Iran has been following in the footsteps of Russia — which is notorious for its 2016 hacks of major U.S. political parties and successful disinformation operations. 

Zoom in: Mint Sandstorm, a group run by the Islamic Revolutionary Guard Corps' intelligence unit, sent a spear-phishing email in June to a high-ranking official of a presidential campaign. 

The hackers used the compromised email account belonging to a former senior campaign adviser, and the email included a link that would first redirect to an "actor-controlled domain before redirecting to the listed domain," per the report.

The same group also attempted to log into an account belonging to a former presidential candidate on June 13, just days before the phishing attack against an active presidential campaign.

 Other security firms also refer to Mint Sandstorm as Charming Kitten or APT35.

 Yes, but: Microsoft noted it does not yet have enough evidence to fully determine if the activity is motivated by the 2024 elections since this group routinely targets senior political officials. 

The problem is the media likely won’t care. If it’s not Russian, or there’s not enough manufactured nonsense to make it seem like the Russians, they won’t report on it.