Hackers with ties to China and Iran have targeted with spear phishing attacks the campaign staffs working on the U.S. presidential campaigns of Democrat Joe Biden and Republican President Donald Trump, according to a researcher with Google’s Threat Analysis Group.
“Recently TAG saw China APT group targeting Biden campaign staff & Iran APT targeting Trump campaign staff with phishing,” said Shane Huntley, head of Google TAG.
Huntley said that there is no sign the attacks were successful and that targeted users and law enforcement were notified about phishing attempts.
Biden’s staffers were targeted by APT31, whereas APT35 was behind the attacks aimed at Trump’s campaign.
APT31 (aka Zirconium) is a hacking group believed to be operating from China that has been active since at least 2016. The group’s target list includes foreign companies and diplomatic entities.
APT35 (aka Newscaster) is a cyber-espionage group backed by Iranian government. The group has been known to target the US and Middle Eastern militaries, diplomatic and government personnel, organizations in the media, energy and the engineering, business services, and telecommunications sectors.
“The Trump campaign has been briefed that foreign actors unsuccessfully attempted to breach the technology of our staff. We are vigilant about cybersecurity and do not discuss any of our precautions,” a Trump campaign representative said.
“We have known from the beginning of our campaign that we would be subject to such attacks and we are prepared for them,” the Biden campaign said in a statement regarding the cyber attacks.
