Microsoft detects fake news sites linked to Iran aimed at meddling in U.S. election
Groups connected to the Iranian government are using a spectrum of online tactics to interfere with the U.S. presidential election, according to a new Microsoft report published Friday.
Researchers at Microsoft's Threat Analysis Center found Iranian operatives have been laying the groundwork to incite chaos and sow division among American voters ahead of Election Day. Some of their strategies include setting up fake news sites and targeting government employees and officials.
Iran's attempts to meddle in U.S. politics come on top of efforts by groups linked to Russia. But the two countries have notably different approaches, according to Clint Watts, the Center's general manager.
"Russia is very different. They're very focused on shaping the outcome of the election. Iran is focused as much on just breaking the ability of an election to occur," he said.
Microsoft’s Threat Analysis Center tracks influence operations from foreign operatives, mainly from Russia, Iran and China, and their attempts to interfere with elections and political discourse.
According to the Center, Iran has tried to sway American voters in at least the past three election cycles.
In 2021, the Justice Department charged two suspected Iranian hackers for allegedly sending threatening emails and spreading false information to voters ahead of the 2020 presidential race.
Iranian operatives are behind fake news sites using A.I.
Microsoft researchers found that an Iranian group, Storm-2035, was behind four websites pretending to be American news outlets. The fake sites cater to both liberal and conservative audiences and amplify polarizing messaging on hot-button issues related to LGBTQ rights and the Israel-Hamas conflict.
One fake site, Nio Thinker, was created last year and has been pushing out "sarcastic, long-winded articles insulting Trump," according to the report. Another faux news outlet, called Savannah Time, claimed to be a "trusted source for conservative news in the vibrant city of Savannah."
"The reason they set those up is because if they do a hacking operation later, they want to have usually — we believe — places to drop out the hacked materials and narratives they want to advance," Watts said.
Researchers also found evidence indicating that some of these fake sites used AI to rephrase or plagiarize content from actual news outlets.
Iranian hackers target email accounts of campaign advisers and a government employee in a swing state
This past June, Iranian hackers connected to the Islamic Revolutionary Guard Corps (IRGC), compromised the email account of a former adviser to a U.S. presidential campaign in an attempt to contact a current senior official in that campaign, according to the Microsoft report. That email included a link that would have compromised other accounts.
"Within days of this activity, the same group unsuccessfully attempted to log into an account belonging to a former presidential candidate," the report said.
Earlier in May, another group with links to the IRGC, breached the account of a county-level government employee in a swing state. That compromise was part of "broader password spray operation" and the report said it's unclear the motives were election-related.
Microsoft is a financial supporter of NPR.