Federal prosecutors indicted three Iranian hackers on Friday for targeting former President Donald Trump’s campaign and attempting to impersonate Ginni Thomas, a conservative activist and wife of Supreme Court Justice Clarence Thomas. Masoud Jalili, 36, Seyyed Ali Aghamiri, 34, and Yaser Balaghi, 37, employees of Iran’s Islamic Revolutionary Guard Corps (IRGC), are accused of aggravated identity theft and wire fraud. The indictment reveals a multi-year hacking effort aimed at current and former US officials and journalists.
Between June and August, the hackers accessed a Trump campaign official’s personal email account, stealing “debate preparation” material and information on potential vice-presidential candidates. They leaked some of this information to US media outlets to stoke discord during the election. Attorney General Merrick Garland stated, “The defendants’ own words make clear that they were attempting to undermine former President Trump’s campaign in advance of the 2024 US presidential election.
These authoritarian regimes, which violate the human rights of their own citizens, do not get a say in our country’s democratic process.”
The hackers set up a fake email account in Ginni Thomas’ name in April 2020 but did not use it until four years later.
Iranian hackers’ multi-year email attacks
Between April and May 2024, they used this persona to send spear-phishing emails to a former homeland security adviser and other targets.
The US Treasury Department imposed sanctions on seven individuals, including Jalili, as part of a sweeping response to Iranian efforts to influence or interfere in the 2020 and 2024 US presidential elections. None of the alleged hackers have been arrested, but the indictment features photos of an office building in Tehran affiliated with at least one of them, along with an image of Balaghi smiling with computers behind him. US officials concluded that individuals affiliated with the IRGC were behind the hack and stole internal Trump campaign documents to sow discord around the presidential election.
This particular IRGC hacking group targeted the email accounts of senior officials from the Trump and Biden administrations for espionage and surveillance purposes. The indictment is part of several US government efforts to blunt the impact of Iranian and Russian influence operations on the November presidential election by publicly exposing such activities. US intelligence officials have warned that foreign operatives will likely ramp up efforts to undermine confidence in the voting process in the final weeks before the presidential election.
