Confirmation from the Trump 2024 election campaign regarding the theft of internal communications, including a dirty laundry dossier about JD Vance ahead of the vice-presidential pick, only emerged during the afternoon of Saturday, August 10. Lots of questions regarding the hacking incident remain unanswered at this early stage of investigations, but enough information has been released to analyze the who, what, how and why of the Trump 2024 presidential campaign hack.
Trump 2024 Campaign Hack—What Has Happened?
Reporters at Politico said that they had started receiving emails on July 22 from an anonymous AOL email account, signed by someone only calling themselves Robert, which contained “what appeared to be internal communications from a senior Trump campaign official.”
The person sending the emails went on to state that they possessed a variety of different documents pertaining to internal campaign discussions including Trump’s legal and court documents. The full details of what is available to the emailer have yet to be confirmed, although a research file dated February 23 and apparently comprising a dirty laundry dossier compiled about JD Vance ahead of the vice-presidential pick is known to be among them. Politico has said that two people familiar with the dossier, granted anonymity by the publication, have confirmed it as being authentic.
When asked how the documents had come into their possession, the person told Politico not to be curious about that, as answering the question “will compromise me and also legally restricts you from publishing them.”
How Did A Hacker Infiltrate The Trump 2024 Campaign?
Robert’s responses to Politico’s questioning regarding the source of the provided documents suggest that they were obtained illegally. This was quickly confirmed after Politico reporters contacted the Trump 2024 campaign about the leaked information: the campaign’s communications director, Steven Cheung, said that the documents had been obtained illegally. Although the investigation is at a very early stage, there are already quite compelling clues emerging as to the how of the hacking incident.
The clue that is sitting front and center currently comes from a Microsoft threat intelligence report dated August 9. Cheung himself references this in his response to Politico, saying that it refers to hackers breaking into “the account of a ‘high ranking official’ on the U.S. presidential campaign in June 2024, which coincides with the close timing of President Trump’s selection of a vice presidential nominee.”
The Microsoft threat intelligence report provides the best indicator of the “how” of this hacking incident, stating that a threat actor “sent a spear-phishing email to a high-ranking official of a presidential campaign from a compromised email account of a former senior advisor. The phishing email contained a fake forward with a hyperlink that directs traffic through an actor-controlled domain before redirecting to the listed domain.” What Microsoft has not done is confirm whether the attack described in the report was directed at the Trump 2024 campaign. However, the timing fits with the timeline of the hacking incident as far as we know it.
Who Is Behind The Trump 2024 Campaign Hack?
It must be stated here and now that attribution of this hacking incident can only ever be a “best guess” based on what is known at this point in time. Politico has a Trump 2024 campaign source saying that “foreign sources hostile to the United States” are responsible, but Cheung declined to tell the publication if there was any information to substantiate suggestions that the attacker was sponsored by the Iranian state. What Cheung did say, however, was that the previously mentioned Microsoft report referred to Iranian hackers being behind that June 2024 phishing attempt which “coincides with the close timing of President Trump’s selection of a vice presidential nominee.” Indeed, the report in question attributes that attack to a group called Mint Sandstorm, which operates under the direction of Iran’s Islamic Revolutionary Guard Corps intelligence unit.
Why Was The Trump 2024 Campaign Hacked?
The why is likely the easiest thing to determine. The Microsoft threat intelligence report already mentioned points to the same Mint Sandstorm group as being behind operations targeting presidential campaigns some five or six months ahead of the 2020 presidential elections. Cheung has stated that the hack of Trump’s 2024 campaign was executed with the intention to “interfere with the 2024 election and sow chaos throughout our Democratic process,” a conclusion that is hard to argue with.