Four informed sources said that US government analysts and others in the private sector were able to quickly attribute to Iranian hackers a wave of thousands of e-mails threatening American voters, thanks to errors detected in a video recording attached to some of the messages.
These failures gave the US government a rare opportunity to monitor a malicious hacking operation and identify the party responsible within only days, a process that usually takes months of technical analysis and intelligence support.
“Either they made a naive mistake, or they wanted to be caught,” said a senior US government official, who requested anonymity.
Within hours of the video circulating this week, which was claimed to have been sent by a far-right American group called the Proud Boys, intelligence officials and major e-mail service providers such as Google and Microsoft began analyzing computer code featured in the hackers' video.
The e-mails demanded that voters change their party affiliation to the Republican Party and vote for President Donald Trump; otherwise, “we will follow you.” Although the messages appeared to have been sent from the e-mail address of the “Proud Boys” group, the address was fake, security analysts said, and the group denied responsibility for the messages.
A statement issued by Google on Wednesday evening said that this activity is “linked to Iran,” and a company spokesman said on Thursday that the company is in contact with the Federal Bureau of Investigation.
The sources said that although the hackers tried to obscure elements of the video recording to hide their identity, they failed to conceal all of the incriminating information.
The video clip shows the hackers’ computer screen while they type commands and pretend to infiltrate the voter registration system. Investigators noticed fleeting on-screen fragments that revealed computer code, including file paths, file names, and the device’s IP address.
In addition to sending thousands of e-mails to voters in states including Florida, the hackers also tried to spread links to the video recording via fake Facebook and Twitter accounts.
Attributing the operation to Iranian hackers does not necessarily mean that the party responsible is a group working for the government there. Iranian officials, for their part, denied the US allegations.
“These accusations are no more than another scenario to undermine voters’ confidence in the security of the US elections, and they are ridiculous,” said Alireza Mir Yousfi, a spokesman for the Iranian diplomatic mission at the United Nations in New York.
John Ratcliffe, the US Director of National Intelligence, previously said that Russia and Iran tried to interfere in the presidential election campaign, and three sources said that the intelligence services are still analyzing information to determine who in Iran is responsible for the operation and what its objectives are.