Mistakes made by Iranian hackers tied them to threatening emails targeting US voters: report

Iranian hackers made mistakes that tied them to the emails threatening U.S. voters to vote for President Trump, Reuters reported Thursday. 

Four people familiar with the matter told Reuters that government analysts and private investigators were quickly able to connect the thousands of emails to Iranian hackers because of mistakes in the video included in the email.

“Either they made a dumb mistake or wanted to get caught,” a senior U.S. government official told Reuters. “We are not concerned about this activity being some kind of false flag due to other supporting evidence. This was Iran.”

The errors enabled U.S. officials to link the emails to Iran in days instead of the usual months of investigation needed. 

The connection to Iranian hackers does not automatically mean that they are working on behalf of the Iranian government, Reuters noted, adding that Iranian officials have denied being a part of the effort.

“These accusations are nothing more than another scenario to undermine voter confidence in the security of the U.S. election, and are absurd,” said Alireza Miryousefi, a spokesperson for Iran’s mission to the United Nations in New York, according to Reuters. 

Voters in Florida and Alaska received threatening emails from domains associated with the far-right group the Proud Boys, requesting they vote for Trump or “we will come after you.” The Proud Boys denied sending the emails. 

Officials and email platform providers such as Google and Microsoft looked into the code of the hackers’ video, and sources said the video showed parts of computer code, including file paths, file names and an internet protocol (IP) address. 

Analysts determined the IP address traced back to previous Iranian hacking activity, the sources told Reuters. A government official said analysts cross-referenced the video information with data from other intelligence. 

A Google spokesperson told The Hill that it and “others have seen evidence” that the emails are “linked to Iran.” The company referred the issue to the FBI.

The hackers also tried to share links to the video over accounts on Facebook and Twitter. 

A Twitter spokesperson told The Hill, “We acted quickly to proactively and permanently suspend a small number of accounts and limit the sharing of media specific to this coordinated campaign.”

Facebook told the news outlet that it “disrupted an attempt by a single fake account to seed information related to what appears to be an influence operation primarily focused on spreading false claims via email.”

Director of National Intelligence John Ratcliffe said Wednesday that both Russia and Iran have attempted to interfere with the 2020 election. Three sources told Reuters that U.S. intelligence is still determining who in Iran led the effort and the reason behind it.