Iranian hackers are back in the cyber war, threatening to dump more than 100 gigabytes of proprietary information allegedly pilfered from former President Donald Trump's campaign.
The group, known as "Robert" and also referred to as APT42 or "CharmingKitten" by cybersecurity companies, has boasted of the hack and has already contacted top media outlets and political strategists.
Second Wave of Political Cyber Espionage
It is the second time that the group has attacked Trump's inner circle. According to Gizmodo, the 2024 summer saw the same hackers breach campaign servers and dump documents to both President Biden's staff and top U.S. media outlets such as The New York Times and Politico.
Experts at the time believed that the attack was meant to disrupt the 2024 U.S. presidential election by destabilizing the Trump campaign.
Now, as geopolitical tensions between Iran and the U.S. escalate, most recently following the U.S.-led airstrikes in the region, the re-emergence of this group indicates a strategic effort to strike back in the cyber domain.
High-Profile Targets and Possible Leaks
In a report to Reuters, the hackers asserted that they have access to internal emails of some of Trump's closest associates, such as Chief of Staff Susie Wiles, lawyer Lindsey Halligan, political friend Roger Stone, and even messages related to adult film actress Stormy Daniels.
Although it is not known what's inside these emails, the group hinted at selling the information to third parties.
The inclusion of Stormy Daniels in the leak brings a sensational twist, particularly with her current legal disputes with Trump. Cybersecurity experts have cautioned, though, that without confirmation, any assertion by the hackers must be handled with skepticism.
U.S. Government Says It's Only a Digital Propaganda
Trump's team and the United States Cybersecurity and Infrastructure Security Agency (CISA) have minimized the threat. CISA public affairs director Marci McCarthy referred to the cyberattack as "digital propaganda" and a "calculated smear campaign." She noted that federal agencies are actively pursuing tracing and prosecuting the culprits.
The Biden administration has remained relatively quiet on the matter, though sources suggest that federal investigators continue to be involved in tracking the incident.
How Iran's Cyber Play Has Changed
Although Iran is not typically considered a world cyber superpower, its hackers are more advanced. APT42 uses malware that captures calls and tracks cell activity, and the group has already hacked into emails of senior U.S. officials, such as a former CIA deputy director and ambassador to Israel.
In 2024, the Department of Justice indicted three Iranian nationals who were accused of working on behalf of Iran's Revolutionary Guard. The charges directly implicated them in previous campaign hacks, claiming their conduct intended to "erode confidence in the U.S. electoral process" and steal sensitive information.
A Warning Shot?
This latest threat's timing is suspect. Experts believe that if the hackers do indeed have explosive information, their bargaining power would have been greater before recent U.S. attacks.
That they chose to act now could mean desperation or the next phase of psychological warfare aimed at keeping political opponents on their toes.
Originally published on Tech Times
