Iranian hackers harvested voter info from U.S. state websites, including election sites. The data was later used to send fake Proud Boys voter intimidation emails to Democratic voters. The attacks were an attempt to influence and interfere with the 2020 presidential election, DHS CISA and the FBI say. Many of the IP addresses used by the Iranian hackers are from the NordVPN service, the FBI says. The FBI also found evidence indicating that the APT actor researched the following info during their efforts to scan for and exploit state election sites: The FBI and CISA also provide the following mitigation measures to block future attacks.
Source: https://www.bleepingcomputer.com/news/security/fbi-how-iranian-hackers-stole-voter-info-from-state-election-sites/