Key Points
- Iranian-linked Mint Sandstorm, or APT42, allegedly accessed Trump campaign emails, later leaking materials publicly.
- Three Iranian hackers were indicted for election interference, with ongoing efforts monitored by U.S. security agencies.
- U.S. officials attribute Iran’s actions to revenge for the 2020 Soleimani assassination, aiming to weaken Trump’s image.
- The FBI cautioned journalists engaging with the leaked material about the foreign influence nature of the content.
A hacking group allegedly linked to the Iranian government has leaked sensitive emails from U.S. Republican presidential candidate Donald Trump’s campaign. Mint Sandstorm, or APT42, began publishing the intercepted material after failing to attract mainstream media attention. The hacked emails reveal campaign communications with advisers discussing 2024 election strategies and were released through David Wheeler’s political action committee, American Muckrakers, and independent journalists.
The U.S. Department of Justice indicted three Iranian hackers in September, accusing them of using a fake persona, “Robert,” to mask their identity and connections with Iran’s Basij paramilitary force. Between May and June, the group allegedly obtained passwords of Trump campaign staff, using this access to target internal communications. If convicted, the hackers could face imprisonment and financial penalties. Despite the indictment, the group continues its efforts, with the Department of Homeland Security recently issuing warnings about the ongoing targeting of campaign staff.
Characterized by attempts to discredit Trump, Iranian interference in the 2024 election is seen by U.S. intelligence as retaliation for Trump’s 2020 order to assassinate Iranian General Qassem Soleimani. So far, leaked content includes Trump’s campaign assessments of potential vice-presidential candidates, such as JD Vance and Marco Rubio. Although major media outlets like the Washington Post and the New York Times declined to publish the material, citing ethical concerns and lack of newsworthiness, independent journalists and American Muckrakers have shared select information.
American Muckrakers, which has previously released controversial content about high-profile Republicans, began posting Trump campaign documents on its website in late September. The organization’s founder, Wheeler, affirmed the documents’ authenticity but withheld details about their origins. Wheeler intended to share further content if it met authenticity and public interest standards.
Among the leaked documents were exchanges concerning North Carolina gubernatorial candidate Mark Robinson and Florida representative Anna Paulina Luna, both endorsed by Trump. Discussions allegedly covered Robinson’s response to past controversies and Luna’s matters.
One of the few journalists to publish the leaked material, Ken Klippenstein, shared vice-presidential research documents on Substack. Klippenstein subsequently reported that the FBI had warned him about the hackers’ motives for foreign influence. Although the Trump campaign condemned the leaks as an attempt to undermine the 2024 election, U.S. officials continue to monitor Iranian cyber activities as Election Day approaches.