Iranian hacking group Phosphorous has attacked accounts related to the U.S. presidential campaign. Microsoft blog post informed that the targets were the former and current U.S. officials, journalists and prominent Iranians living outside the Islamic Republic.
During the 30 days, from August to September, the group made more than 2,700 attempts to identify consumer email accounts belonging to specific customers, and then attacked 241 of those accounts. However, the efforts were unsuccessful.
Even though the break-in technique was not elaborate, the attackers were aimed to get as many personal data as possible. Microsoft admitted that Phosphorous is highly motivated, ready to invest plenty of resources to exploit and continue accumulating information.
Currently, the Microsoft Threat Intelligence Center (MSTIC) takes all the legal and technical steps to trace and preclude the potential menace. Microsoft recommends customers to use two-step verification and Microsoft Authenticator to avoid easy-to-hack passwords.