The indictment, filed in federal court in Manhattan and unsealed Thursday, accuses Iranian nationals Seyyed Mohammad Hosein Musa Kazemi and Sajjad Kashian of helping carry out the scheme. The Treasury Department also announced sanctions against the men, some of their colleagues and the company they worked for.
The defendants, described in the indictment as experienced hackers who worked as contractors for a cybersecurity firm, are not in custody and are believed to be in Iran still. But officials hope at minimum that the indictment and accompanying sanctions will restrict their ability to travel. Each faces a broad array of charges, including voter intimidation, transmission of interstate threats and computer crimes.
Asked Thursday whether the defendants' activities were endorsed by the Iranian government, a Justice Department official who briefed reporters on a conference call noted that the indictment alleges that the company the men worked for — formerly known as Eeleyanet Gostar — provided services to the government. But the indictment does not directly implicate the government because the Justice Department can rely only on unclassified, admissible evidence that it can bring to court, the official said.
Court documents allege vast efforts to spread disinformation about the presidential contest and to intimidate and pressure voters. Some of the activities persisted even after the election.
As part of the cyber campaign, officials say, the hackers attempted in the weeks before the election to compromise voter websites in 11 states, and successfully downloaded voter information related to more than 100,000 people in one state.
While the defendants did not use that information to attempt to change vote totals, officials say, they created the appearance that the election results could not be trusted by leaving the false impression that it was possible to submit fraudulent ballots.
They also sent Americans what officials describe as carefully curated messages, specifically tailored to appeal to — and divide — members of both major political parties.
That included messages that purported to be from a far-right group, the Proud Boys, that threatened Democratic voters with physical harm if they didn't change their party affiliation and vote for Trump.
“You will vote for Trump on Election Day or we will come after you,” the email said, according to prosecutors.
Though the messages pressured voters to support Trump, they may have been designed to actually harm his campaign by aligning him in the minds of voters with the Proud Boys after he was criticized for failing to unequivocally denounce the group during the first presidential debate.
To Republican officials and people associated with the Trump campaign, meanwhile, the hackers crafted Facebook messages that falsely claimed that Democrats were planning to exploit security vulnerabilities in state voter registration websites and commit voter fraud, the indictment says.
Another tool was a fake video spread through social media platforms that purported to show an individual hacking into state voting websites and creating fraudulent absentee ballots, according to the indictment.
In September and October 2020, prosecutors say, the hackers gained unauthorized access to the computer network of an American media company — prosecutors would not say which one — that provided a content management system for dozens of publications. They tested the capability to modify and create content on the system, which the indictment says “would have provided them another vehicle for further disseminating false claims concerning the election.”
On Nov. 4, 2020, the day after the election, hackers attempted to access the system through stolen credentials, but by that point, the company had fixed the issue and the hackers' log-in attempt failed, the indictment says.
Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP