Pair were affiliated with group that tried to secure a win for Donald Trump


Two Iranian nationals have been charged in connection with a disinformation campaign intended to threaten the integrity of the 2020 US Presidential election.

A statement released by the US Department of Justice (DoJ) yesterday (November 18) stated that the men were charged for their involvement in “a cyber-enabled campaign to intimidate and influence American voters, and otherwise undermine voter confidence and sow discord”.

Seyyed Mohammad Hosein Musa Kazemi (سید محمد حسین موسی کاظمی), also known as Mohammad Hosein Musa Kazem and Hosein Zamani, 24, and Sajjad Kashian (سجاد کاشیان), also known as Kiarash Nabavi, 27, are described as computer hackers who worked as contractors for an Iran-based company formerly known as Eeleyanet Gostar, and now known as Emennet Pasargad.

Eeleyanet Gostar purported to provide cybersecurity services within Iran with customers including the Iranian government, the statement alleges.

Accusations

The defendants are accused of obtaining confidential US voter information from at least one state election website; sending threatening email messages to intimidate and interfere with voters; and creating and disseminating a video containing disinformation about purported election infrastructure vulnerabilities.

The pair are also accused of attempting to access several US states’ voting-related websites, and successfully gaining unauthorized access to a US media company’s computer network that could have enabled them to disseminate false claims after the election.

US attorney Damian Williams for the Southern District of New Yorks commented: “Working with others, Kazemi and Kashian accessed voter information from at least one state’s voter database, threatened US voters via email, and even disseminated a fictitious video that purported to depict actors fabricating overseas ballots.”


BACKGROUND Spoiling the ballot: Cyber issues cast cloud over US presidential election


The accused are alleged to have been part of a group that led the disinformation campaign between August and November 2020.

Members of the group reportedly attempted to compromise approximately 11 state voter websites, including state voter registration websites and state voter information websites.

Those efforts resulted in the successful exploitation of a misconfigured computer system of an unnamed US state and the resulting unauthorized downloading of information concerning more than 100,000 of this state’s voters.


Read more of the latest cybercrime and security news from the US


The group also posed as far-right group ‘Proud Boys’ on Facebook and sent messages to officials associated with Donald Trump’s campaign and the media, claiming that the Democratic Party was planning to exploit “serious security vulnerabilities” in state voter registration websites to “edit mail-in ballots or even register non-existent voters”, the release reads.

These messages were accompanied by a video carrying the Proud Boys logo, which purported to depict an individual hacking into state voter websites and using stolen voter information to create fraudulent absentee ballots through the Federal Voting Assistance Program (FVAP) for military and overseas voters.

In October 2020, they posed as the Proud Boys to send threatening emails to tens of thousands of Democrat voters and threatened the recipients with physical injury if they did not change their party affiliation and vote for Trump.

Finally on November 4, 2020, the day after President Joe Biden won the election, the conspirators sought to leverage details taken in earlier September and October 2020 intrusions into an unnamed US media company’s computer networks.

However, because of an earlier FBI victim notification, the company mitigated the unauthorized access and these log-in attempts failed.

Charges

Kazemi and Kashian are both charged with one count of conspiracy to commit computer fraud and abuse, intimidate voters, and transmit interstate threats, which carries a maximum sentence of five years in prison; one count of voter intimidation, which carries a maximum sentence of one year in prison; and one count of transmission of interstate threats, which carries a maximum sentence of five years in prison.

Kazemi is additionally charged with one count of unauthorized computer intrusion, which carries a maximum sentence of five years in prison; and one count of computer fraud, namely, knowingly damaging a protected computer, which carries a maximum sentence of 10 years in prison.

The Department of State’s Rewards for Justice Program is offering a reward of up to $10 million for information on or about the Kazemi and Kashian’s activities.


RECOMMENDED ‘Compromised credentials’ most likely vector in Trump re-election site defacement