Less than two weeks before the 2020 US presidential election, tens of thousands of emails purportedly from the far-right group Proud Boys threatened to “come after” Democrats if they didn’t vote for Trump. As officials warned at the time, the messages were part of a broader Iranian disinformation and influence campaign meant to sow division in the US and undermine confidence in the electoral process. Now, the US Department of Justice has unsealed an indictment that charges two Iranian nationals with carrying out those email blasts and more, providing new details on an audacious election interference scheme.
Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, face charges of conspiracy, transmission of interstate threats, computer fraud, and voter intimidation. The two allegedly worked for the Iranian cybersecurity company Emennet Pasargad, which Justice Department officials say has contracted with the Iranian government. In addition to the indictment, the Treasury Department’s Office of Foreign Assets Control announced sanctions on Thursday against the company, four members of its leadership, and the two defendants.
“As alleged, Kazemi and Kashian were part of a coordinated conspiracy in which Iranian hackers sought to undermine faith and confidence in the US presidential elections,” Damian Williams, US attorney for the Southern District of New York, said in a statement on Thursday. “As a result of the charges unsealed today, and the concurrent efforts of our US government partners, Kazemi and Kashian will forever look over their shoulders as we strive to bring them to justice.”
Officials said that they believe the defendants are currently in Iran. The State Department announced a reward of up to $10 million for information about Kazemi and Kashian.
Court documents say that, in addition to the threatening email campaign, the two men also attempted to compromise voter registration databases in 11 states and succeeded in one, where they were able to grab more than 100,000 voters’ private data because of a misconfiguration. Officials declined to identify the state, but The Wall Street Journal reported in October 2020 that it was Alaska.
The defendants are also accused of hacking an unnamed media company that offers content management services to a number of newspapers and other publications around the US. After detecting the activity, the FBI warned the company, which took action to block the unauthorized access. Officials say that the attackers attempted to connect to the media company’s network the day after the election but found themselves shut out. Iranian hackers are known for crafting and distributing legitimate-looking fake news articles or even seemingly hacking real news sites to post manufactured content.
The indictment also accuses the defendants of carrying out other types of influence operations. Again masquerading as the Proud Boys, they allegedly sent Facebook messages and emails to Republican members of Congress, Trump campaign staffers, and journalists, claiming that the Democratic party planned to exploit security vulnerabilities in state voter registration sites, edit mail ballots, and register fake voters. They also allegedly created and distributed a fake hacking demonstration video on Twitter, YouTube, and Facebook that appeared to show attackers exploiting election infrastructure vulnerabilities to compromise state voter websites and other platforms and generate fraudulent absentee ballots.
Just as Russian disinformation campaigns worked to stoke racial tension and other existing societal division in 2016, Iran’s influence operations in 2020 seemed focused around fueling narratives from the US far right and President Trump himself about supposed vote tampering and electoral distrust. In many ways, the Iranian activity seems to take up the mantle of the election meddling formula Russia has developed around the world.
“Our intelligence officials have continually warned that other countries would seek to follow Russia’s 2016 playbook,” senator Mark Warner (D-Virginia), chair of the Senate Select Committee on Intelligence, said in a statement on Thursday. “Today’s charges and sanctions … are further evidence that attempts to interfere in our elections will continue, and we must all be on guard against them.”
Officials from the Justice Department, FBI, and US Attorney’s Office emphasized that none of the activity impacted the vote count or outcomes in the 2020 election. And they noted that the indictment elaborates on activity described in the Office of the Director of National Intelligence’s foreign election interference assessment from March.
That report concluded that while there was no evidence of foreign actors conducting hacking operations against actual voting infrastructure, there were a startling number of countries—including Russia, Iran, Cuba, and Venezuela—running influence operations related to the election.
“This was the most aggressive attack on the 2020 election—it was as close as we got to the Russian operation in 2016,” says John Hultquist, vice president of intelligence analysis at the cybersecurity firm Mandiant, of the Iranian influence campaigns. He notes that though Iranian state-backed hackers are prolific, they don’t typically target elections.
Though the two defendants are out of US reach as long as they remain in Iran, Hultquist adds that the indictment and sanctions are still valuable. “We simply have to publicly call out attacks on our democracy,” he says. “These actors have benefited from our reluctance to discuss this activity publicly for too long.”
- 📩 The latest on tech, science, and more: Get our newsletters!
- Blood, lies, and a drug trials lab gone bad
- Age of Empires IV wants to teach you a lesson
- New sex toy standards let some sensitive details slide
- What the new MacBook Pro finally got right
- The mathematics of cancel culture
- 👁️ Explore AI like never before with our new database
- ✨ Optimize your home life with our Gear team’s best picks, from robot vacuums to affordable mattresses to smart speakers