US blames Iran for spoofed Proud Boys emails threatening Democrat voters
In a short press conference held today by the US Department of Justice, high-ranking officials with the US government claimed that Iran was behind a wave of emails sent to US voters earlier this week.
Spoofing the identity of violent extremist group Proud Boys, the emails threatened registered Democrat voters with repercussions if they didn’t vote for Donald Trump in the upcoming US Presidential Election.
The senders claimed to have “gained access into the entire [US] voting infrastructure,” but appeared to use public voter registration databases to target Democrat voters in Alaska, Arizona, and Florida.
Two waves of emails were sent this week, the first on Tuesday (October 20), and the second on Wednesday (October 21), according to a report from email security firm Proofpoint, which has been tracking the spam campaigns.
The second wave of emails, besides the original message threatening Democrat voters, also included a link to a video claiming to show an individual print out a voting ballot with another person’s information (a copy of the video is embedded in the Proofpoint report). The video was debunked by several US news media publications.
Responding to intense media coverage surrounding the emails, in a short press conference earlier today, FBI Director Christopher Wray and Director of National Intelligence John Ratcliffe attributed the spam campaigns to Iran.
Addressing the video shared in the emails, Ratcliffe added that “the information in the video is not true.”
Ratcliffe also added that besides Iran, Russia has also also “taken specific actions to influence public opinion relating to our election.”
“Although we have not seen the same actions from Russia, we are aware that they have obtained some voter registration information,” Ratcliffe added.
The two officials urged the US public to remain calm and not spread any similar messages they receive in the future.
Neither of the two officials presented any evidence during the press conference but only made short statements.
Spokespersons for several cyber-security firms could not confirm the Iranian attribution, when inquired by ZDNet today. However, they didn’t dismiss it either.
“Iranian information operations date back at least eight years and they have grown beyond fake news sites and social network activity to elaborate tactics, such as impersonating journalists to solicit video interviews and placing op-eds. They have even impersonated American politicians,” John Hultquist, Senior Director of Analysis, Mandiant Threat Intelligence, told ZDNet.
“The information operations we have seen from Iran to date have been about amplifying pro-Iranian messages and pushing a desired narrative out into the world that’s anti-Saudi or ant-Israeli or pro-JCPOA,” he added.
“This is different. This is deliberate interference in our democracy and it crosses a major red line. I think the Intel community scored a win here against Iran today,” Hultquist said.