Less than two weeks before the 2020 US presidential election, tens of thousands of emails purportedly from the far-right group Proud Boys threatened to “come after” Democrats if they didn’t vote for Trump. As officials warned at the time, the messages were part of a broader Iranian disinformation and influence campaign meant to sow division in the US and undermine confidence in the electoral process. Now, the US Department of Justice has unsealed an indictment that charges two Iranian nationals with carrying out those email blasts and more, providing new details on an audacious election interference scheme.
Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, face charges of conspiracy, transmission of interstate threats, computer fraud, and voter intimidation. The two allegedly worked for the Iranian cybersecurity company Emennet Pasargad, which Justice Department officials say has contracted with the Iranian government. In addition to the indictment, the Treasury Department’s Office of Foreign Assets Control announced sanctions on Thursday against the company, four members of its leadership, and the two defendants.
“As alleged, Kazemi and Kashian were part of a coordinated conspiracy in which Iranian hackers sought to undermine faith and confidence in the US presidential elections,” Damian Williams, US attorney for the Southern District of New York, said in a statement on Thursday. “As a result of the charges unsealed today, and the concurrent efforts of our US government partners, Kazemi and Kashian will forever look over their shoulders as we strive to bring them to justice.”
Officials said that they believe the defendants are currently in Iran. The State Department announced a reward of up to $10 million for information about Kazemi and Kashian.
Court documents say that, in addition to the threatening email campaign, the two men also attempted to compromise voter registration databases in 11 states and succeeded in one, where they were able to grab more than 100,000 voters’ private data because of a misconfiguration. Officials declined to identify the state, but The Wall Street Journal reported in October 2020 that it was Alaska.
The defendants are also accused of hacking an unnamed media company that offers content management services to a number of newspapers and other publications around the US. After detecting the activity, the FBI warned the company, which took action to block the unauthorized access. Officials say that the attackers attempted to connect to the media company’s network the day after the election but found themselves shut out. Iranian hackers are known for crafting and distributing legitimate-looking fake news articles or even seemingly hacking real news sites to post manufactured content.
The indictment also accuses the defendants of carrying out other types of influence operations. Again masquerading as the Proud Boys, they allegedly sent Facebook messages and emails to Republican members of Congress, Trump campaign staffers, and journalists, claiming that the Democratic party planned to exploit security vulnerabilities in state voter registration sites, edit mail ballots, and register fake voters. They also allegedly created and distributed a fake hacking demonstration video on Twitter, YouTube, and Facebook that appeared to show attackers exploiting election infrastructure vulnerabilities to compromise state voter websites and other platforms and generate fraudulent absentee ballots.