This group has a history of similar activities, having targeted US elections in 2020 through operations designed to intimidate voters and create chaos around election results. In 2020, Cotton Sandstorm posed as a member of the right-wing group “Proud Boys,” sending threatening emails to Florida voters in an effort to manipulate the vote.
“Historically, Cotton Sandstorm has targeted elections in a similar fashion through hacking operations aimed at media entities and state election-related websites ahead of the last US presidential election.”
This spring, Cotton Sandstorm extended its operations to media outlets, performing reconnaissance of major US news sites in what could be preparation for additional influence campaigns. The group’s use of hacking to obtain sensitive information and its ability to strategically leak it to the public has made it a potent tool in Iran’s arsenal for election interference.