Iranian cyber group targets US swing states

Source: Microsoft
Source: Microsoft

A cyber group linked to the Islamic Revolutionary Guard Corps (IRGC) is actively attempting to influence the upcoming US presidential election by targeting hotly-contested states key to the outcome, researchers told Iran International.

The findings by cybersecurity researcher Nariman Gharib and whistleblower group Lab Dookhtegan show the IRGC’s cyber unit Emennet Pasargad is carrying out a campaign to “disrupt and incite tension in the elections, particularly in swing states,” according to their joint report.

Since 2024, the group - also known as "Shahid Shoushtari" - has been actively gathering intelligence on swing states. It has reportedly sent direct messages to US Senate candidates in one of these pivotal states with the intent of disrupting the electoral process.

“This is not the first time this particular Iranian cyber group is targeting a US Presidential Election,” Gharib told Iran International on Friday.

The United States previously sanctioned Emennet Pasargad which prohibits US entities from conducting business with the group, accusing it of disinformation spread online, including interference in the 2020 presidential election

The State Department's Rewards for Justice program also offers up to $10 million for information on its activities.

Last month, the US Treasury sanctioned seven agents working for the Islamic Republic, for efforts to influence the US presidential elections in 2020 and 2024.

An IRGC member named Masoud Jalili along with six members belonging to the Emennet Pasargad cyber group -Ali Mahdavian, Fatemeh Sadeghi, Elaheh Yazdi, Seyyed Mehdi Rahimi Haji Abadi, Rahmatollah Askarizadeh, and Mohammad Hossein Abdolrahimi - were included on Washington's sanctions list.

According to Gharib, Emennet Pasargad’s new campaign focuses on "disrupting the voter registration process, contaminating voting systems, spreading rumors, creating chaos, and ultimately damaging the infrastructure of US elections."

The latest Microsoft Threat Analysis Center (MTAC) research related to the US elections released in October said Iran is gearing up for additional influence operations.

“Iranian groups tasked with targeting the US elections may make an effort—as they have in the past—to run influence operations both shortly before and soon after the election by leveraging cyber intrusions from weeks to months prior,” the report said.