As recently found out by Microsoft, an Iran-based threat group — Phosphorus — tried to hack the 2020 US Presidential Campaign. The discovery was made by the Microsoft Threat Intelligence Centre (MTIC).
New Security Threat
As per the official blog, Phosphorus hacking group made around 2,700 attempts to pick out email accounts that were associated with some specific Microsoft customers. Following this, the group tried hacking 241 of the identified accounts.
The accounts belonged to a U.S. presidential campaign, current and former U.S. government officials, and journalists covering global politics and prominent Iranians living outside Iran.
As a result, four accounts were compromised by hackers. Luckily, the four accounts weren’t associated with the US Presidential Election Campaign.
How Phosphorus Attacked The Accounts
The blog post further mentions that the threat group first researched the targeted users and used the information regarding the targets to fool around with the password recovery/reset features.
For example, the group tried to access a user’s secondary account and get into the user’s Microsoft account via the verification process.
This process provided the hackers with the targets’ personal information for attacking them.
While the Phosphorus attack is not “highly sophisticated”, Microsoft calls them “highly motivated and willing” to make such moves.
With the blog post, Microsoft tries to make people around the world aware of security threats and bring about ways to control them.
Microsoft asks users to enable two-factor authentication, which can be done in the account’s security settings. Furthermore, the company advises users to keep track of their account’s login activities. In case, a user finds anything suspicious, they should notify Microsoft and ultimately change the account password.