Google has confirmed that hackers backed by Iran are targeting the campaigns of US presidential rivals Kamala Harris and Donald Trump.

The hacker group, known as "APT42" and linked to Iran's Islamic Revolutionary Guard Corps (IRGC), has been employing 'phishing' tactics to trick targets into revealing passwords to accounts they want to loot.

According to Google's Threat Analysis Group, APT42 has aggressively sought to compromise both Democratic and Republican campaigns for president, as well as Israeli military, government, and diplomatic organizations.

In May and June of this year, the group targeted about a dozen people associated with both Trump and Joe Biden, including current and former government officials and individuals affiliated with the two political campaigns.

A Harris campaign official revealed that in July, the FBI notified their legal and security teams about being targeted by a foreign actor influence operation.

Despite these attempts, the campaign maintains robust cybersecurity measures and is not aware of any security breaches resulting from these efforts.

Similarly, the Trump campaign suggested that Iran was behind a breach that resulted in private documents being sent to reporters, including research used to vet running mate J.D. Vance.

Google's report highlighted that APT42 uses social engineering tactics, such as posing as credible contacts to lure victims to fake video meeting landing pages where log-in credentials are required. The group has shown the ability to run numerous simultaneous phishing campaigns, particularly focused on Israel and the United States.

Google disrupted APT42's attempts to hack the campaigns of Biden and Trump in 2020 and continues to see unsuccessful attempts to compromise personal accounts of individuals affiliated with President Joe Biden, Vice President Harris, and Trump.

The US State Department warned Iran of consequences over election interference following the Trump campaign's announcement of being hacked. This incident echoes the 2016 election when US intelligence concluded that Russia intervened to support Trump, who has rejected those findings.

John Hultquist, who leads threat intelligence at Google-owned cybersecurity firm Mandiant, noted that APT42's targeting does not necessarily indicate a preference for a single candidate but rather reflects the importance of both candidates in shaping American policy in the Middle East.

He emphasized that hacking for political influence in US elections has expanded beyond Russia, with multiple teams now in play.