Latest news with #Iran-linked
USA Today
10 hours ago
- Politics
- USA Today
Iran enacts law suspending cooperation with UN nuclear watchdog
July 2 (Reuters) - Iranian President Masoud Pezeshkian put into effect on Wednesday a law passed by parliament last week to suspend cooperation with the U.N. nuclear watchdog, the IAEA, Iranian state media reported. The law stipulates that any future inspection of Iran's nuclear sites by the International Atomic Energy Agency needs approval by Tehran's Supreme National Security Council. "We are aware of these reports. The IAEA is awaiting further official information from Iran," the IAEA said in a statement. More: Iran-linked hackers threaten to release Trump aides' emails Iran has threatened to halt cooperation with the IAEA, accusing it of siding with Western countries and providing a justification for Israel's air strikes, which began a day after the IAEA board voted to declare Iran in violation of obligations under the Nuclear Non-Proliferation Treaty. Separately, Iranian Foreign Minister Abbas Araqchi said in an interview with CBS News that the U.S. bombing of Iran's key Fordow nuclear site has "seriously and heavily damaged" the facility. (Reporting by Dubai newsroom, additional reporting by Francois Murphy in Vienna; Editing by Andrew Heavens, Alex Richardson and Ros Russell)
New York Post
a day ago
- Politics
- New York Post
Iran-linked hackers threaten to release roughly 100 gigabytes worth of emails stolen from Trump's inner circle
An Iran-linked cyber group is threatening to release a trove of emails it claims to have stolen from top Trump officials and allies. The hackers previously released a batch of stolen emails to the media during the 2024 campaign. Advertisement Under the pseudonym Robert, the hackers first told Reuters they had roughly 100 gigabytes of emails from White House chief of staff Susie Wiles, President Donald Trump confidante Roger Stone, Trump lawyer Lindsey Halligan and Stormy Daniels, the porn star who claims to have had an affair with Trump. Attorney General Pam Bondi called the hack an 'unconscionable cyberattack' and said government agencies would work to 'protect the officials targeted by this rogue group.' FBI Director Kash Patel added in a statement, 'Safeguarding our administration officials' ability to securely communicate to accomplish the president's mission is a top priority.' 'Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law.' Advertisement 3 Iran-linked hackers, going under the pseudonyms Robert, plan to release a long list of emails claiming to have stolen information from Trump's inner circle. REUTERS Marci McCarthy, spokesperson for the Cyber and Infrastructure Security Agency, called Iran's threat 'an effort to distract, discredit and divide.' 'These criminals will be brought to justice,' she said in a statement. 'Let this be a warning to others there will be no refuge, tolerance or leniency for these actions.' Advertisement 3 The hackers told Reuters they have approximately 100 gigabytes of emails from White House chief of staff Susie Wiles, Roger Stone, Trump lawyer Lindsey Halligan, and Stormy Daniels. via Getty Images 'A hostile foreign adversary is threatening to illegally exploit purportedly stolen and unverified material in an effort to distract, discredit and divide. This so-called 'cyber attack' is nothing more than digital propaganda, and the targets are no coincidence. This is a calculated smear campaign meant to damage President Trump and discredit honorable public servants.' Last summer, at the height of the 2024 election, Iranian-linked hackers sent material stolen from the Trump campaign to individuals associated with the Biden campaign and to U.S. media organizations. In an indictment in September, the Biden Justice Department accused three members of Iran's Revolutionary Guard Corps of being behind the leak. In May, the hackers behind 'Robert' signaled to Reuters they would not be leaking any more documents. Advertisement 3 Attorney General Pam Bondi and FBI Director Kash Patel both released statements that the federal government will prosecute the individuals behind the 'unconscionable cyberattack.' 'I am retired, man.' However, the group reached back out after Israel and the U.S. attacked Iran's nuclear sites. They said they were organizing a sale of the stolen communications and asked Reuters to publicize it. U.S. cyber officials warned on Monday that U.S. companies and critical infrastructure operators may still be in Iran's crosshairs. Experts have suggested Iran may be looking for non-military ways to punish the U.S. for its strikes. 'Despite a declared ceasefire and ongoing negotiations towards a permanent solution, Iranian-affiliated cyber actors and hacktivist groups may still conduct malicious cyber activity,' U.S. agencies said in an advisory. The new threat comes as Trump insists he is not speaking to Iran and has offered them nothing for nuclear negotiations. He has said Iran's facilities were 'totally obliterated.'
Axios
a day ago
- Politics
- Axios
Iran leans on hacktivist proxies in wake of Israeli, U.S. strikes
Iranian state-backed hackers are borrowing from the Russian cyber playbook and sharing tools with ideologically aligned hacktivist groups in the wake of a series of military strikes, experts tell Axios. Why it matters: Leaning on these hackers allows Iran to amplify its reach while maintaining plausible deniability and staying below the threshold of what's considered war. Driving the news: Iran-linked hackers threatened last night to publish emails purportedly stolen from Trump allies, including White House chief of staff Susie Wiles, lawyer Lindsey Halligan and adviser Roger Stone. CISA and the FBI released an advisory yesterday warning U.S. critical infrastructure, and particularly defense contractors, are at increased risk for potential Iran-linked cyberattacks. The intrigue: Experts at cybersecurity firm Armis say they've observed Iranian nation-state actors providing tools and resources to pro-Iran hacktivist groups since Israel launched military strikes on June 13. Michael Freeman, head of threat intelligence at Armis, told Axios that pro-Iran hacktivists have received "a lot of help," including access to nondescript cyber weapons and hacking techniques that could help them target Western organizations. "Those [weapons and techniques] were being used to target more critical infrastructures within nation-states," Freeman told Axios. These attackers appear focused on strategic cyber campaigns, including ransomware, linked to the broader regional conflict. "They're definitely using these tools, gaining more access, being more careful — without getting caught," Freeman added. The big picture: Iran increasingly mirrors Russia's model of relying on cyber proxies and psychological operations to project power. "This is very Russian in nature," Alexander Leslie, a threat intelligence analyst at Recorded Future, told Axios. "Using proxies for plausible deniability is essentially the essence of how they can scale these operations and remain resilient to any kind of disruption." Leslie added that Iran frequently leans on "pseudo-hacktivist groups" to stay just below the threshold of conventional cyber warfare. Zoom in: A hacker tied to a well-known Russian nation-state hacking team has been sharing tools and advice in a pro-Iran hacktivist group, Freeman said. Between the lines: Some of the most serious attacks have likely been stopped before they became public, thanks to early detection and Five Eyes intelligence-sharing, Nadir Izrael, chief technology officer at Armis, told Axios. "The silence isn't an indication of nothing happening," Izrael said. "It's an indication of defenses holding — and a lot of people doing a lot of work to make that happen." State of play: Activity from pro-Iran hacktivist groups has dipped since a ceasefire was announced last week, but many of the most opportunistic actors had already pivoted to targeting last week's NATO summit. More than 100 hacktivists groups, 90 of which are linked to pro-Iranian positions, have been targeting organizations in Israel and throughout the Middle East, North Africa, Western Europe and North America since Israel's strikes last month, Leslie said. Many of those groups resurfaced during this conflict after a long hiatus, Leslie added. Despite broad claims of successful attacks, most of the groups' reported DDoS campaigns are unverified. "The point is to overwhelm and shape perception," Leslie said. Threat level: Freeman warned U.S. critical infrastructure operators to take inventory of their systems and patch overlooked vulnerabilities — especially in "systems that operate systems." "The companies who've had to deal with the Iranian groups, that really had a good understanding of their environment, were able to detect them quickly, within a few hours," he said. What to watch: Law enforcement and private sector partners are actively working to identify and harden vulnerable industrial systems that Iranian threat actors may be targeting.
USA Today
a day ago
- Politics
- USA Today
Iran-linked hackers threaten to release Trump aides' emails
WASHINGTON, June 30 (Reuters) - Iran-linked hackers have threatened to disclose more emails stolen from U.S. President Donald Trump's circle, after distributing a prior batch to the media ahead of the 2024 U.S. election. In online chats with Reuters on Sunday and Monday, the hackers, who go by the pseudonym Robert, said they had roughly 100 gigabytes of emails from the accounts of White House Chief of Staff Susie Wiles, Trump lawyer Lindsey Halligan, Trump adviser Roger Stone and porn star-turned-Trump antagonist Stormy Daniels. Robert raised the possibility of selling the material but otherwise did not provide details of their plans. The hackers did not describe the content of the emails. U.S. Attorney General Pam Bondi described the intrusion as "an unconscionable cyber-attack." The White House and the FBI responded with a statement from FBI Director Kash Patel, who said: "Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law." "This so-called cyber 'attack' is nothing more than digital propaganda, and the targets are no coincidence. This is a calculated smear campaign meant to damage President Trump and discredit honorable public servants who serve our country with distinction," cyberdefense agency CISA said in a post on X. Halligan, Stone and a representative for Daniels did not respond to requests for comment. Iran's mission to the United Nations did not return a message seeking comment. Tehran has in the past denied committing cyberespionage. Robert materialized in the final months of the 2024 presidential campaign, when they claimed to have breached the email accounts of several Trump allies, including Wiles. The hackers then distributed emails to journalists. Reuters previously authenticated some of the leaked material, including an email that appeared to document a financial arrangement between Trump and lawyers representing former presidential candidate Robert F. Kennedy Jr. - now Trump's health secretary. Other material included Trump campaign communication about Republican office-seekers and discussion of settlement negotiations with Daniels. Although the leaked documents did garner some coverage last year, they did not fundamentally alter the presidential race, which Trump won. The U.S. Justice Department in a September 2024 indictment alleged that Iran's Revolutionary Guards ran the Robert hacking operation. In conversations with Reuters, the hackers declined to address the allegation. After Trump's election, Robert told Reuters that no more leaks were planned. As recently as May, the hackers told Reuters, "I am retired, man." But the group resumed communication after this month's 12-day air war between Israel and Iran, which was capped by U.S. bombing of Iran's nuclear sites. In messages this week, Robert said they were organizing a sale of stolen emails and wanted Reuters to "broadcast this matter." American Enterprise Institute scholar Frederick Kagan, who has written about Iranian cyberespionage, said Tehran suffered serious damage in the conflict and its spies were likely trying to retaliate in ways that did not draw more U.S. or Israeli action. "A default explanation is that everyone's been ordered to use all the asymmetric stuff that they can that's not likely to trigger a resumption of major Israeli/U.S. military activity," he said. "Leaking a bunch more emails is not likely to do that." Despite worries that Tehran could unleash digital havoc, Iran's hackers took a low profile during the conflict. U.S. cyber officials warned on Monday that American companies and critical infrastructure operators might still be in Tehran's crosshairs. (Reporting by Raphael Satter; Additional reporting by Gram Slattery and Kanjyik Ghosh; Editing by Cynthia Osterman and Michael Perry)
Fox News
a day ago
- Politics
- Fox News
Iran-linked hackers threaten to release new trove of emails stolen from Trump's inner circle after strikes
An Iran-linked cyber group is threatening to release a trove of emails it claims to have stolen from top Trump officials and allies. The hackers previously released a batch of stolen emails to the media during the 2024 campaign. Under the pseudonym Robert, the hackers first told Reuters they had roughly 100 gigabytes of emails from White House chief of staff Susie Wiles, President Donald Trump confidante Roger Stone, Trump lawyer Lindsey Halligan and Stormy Daniels, the porn star who claims to have had an affair with Trump. Attorney General Pam Bondi called the hack an "unconscionable cyberattack" and said government agencies would work to "protect the officials targeted by this rogue group." FBI Director Kash Patel added in a statement, "Safeguarding our administration officials' ability to securely communicate to accomplish the president's mission is a top priority." "Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law." Marci McCarthy, spokesperson for the Cyber and Infrastructure Security Agency, called Iran's threat "an effort to distract, discredit and divide." "These criminals will be brought to justice," she said in a statement. Last summer, at the height of the 2024 election, Iranian-linked hackers sent material stolen from the Trump campaign to individuals associated with the Biden campaign and to U.S. media organizations. In an indictment in September, the Biden Justice Department accused three members of Iran's Revolutionary Guard Corps of being behind the leak. In May, the hackers behind "Robert" signaled to Reuters they would not be leaking any more documents. "I am retired, man." However, the group reached back out after Israel and the U.S. attacked Iran's nuclear sites. They said they were organizing a sale of the stolen communications and asked Reuters to publicize it. U.S. cyber officials warned on Monday that U.S. companies and critical infrastructure operators may still be in Iran's crosshairs. Experts have suggested Iran may be looking for non-military ways to punish the U.S. for its strikes. "Despite a declared ceasefire and ongoing negotiations towards a permanent solution, Iranian-affiliated cyber actors and hacktivist groups may still conduct malicious cyber activity," U.S. agencies said in an advisory. The new threat comes as Trump insists he is not speaking to Iran and has offered them nothing for nuclear negotiations. He has said Iran's facilities were "totally obliterated."
