As President Trump re-imposed harsh economic sanctions on Iran last month, hackers scrambled to break into personal emails of US officials tasked with enforcing them, the AP has found. It drew on data from cybersecurity group Certfa to track how a hacking group nicknamed Charming Kitten spent the past month trying to break into the private emails of at least 13 US Treasury officials, high-profile defenders, detractors and enforcers of the nuclear deal struck between Washington and Tehran, as well as Arab atomic scientists, Iranian civil society figures, and DC think tank employees. "Presumably, some of this is about figuring out what is going on with sanctions," said Frederick Kagan, an American Enterprise Institute scholar who's written about Iranian cyberespionage and was among those targeted.
"This is a little more worrisome than I would have expected," he added, referencing the targeting of nuclear experts in Pakistan, Jordan, and Syria. Others on the hit list—such as Guy Roberts, the US Assistant Secretary of Defense for Nuclear, Chemical, and Biological Defense Programs—pointed to an eagerness to keep track of officials charged with overseeing America's nuclear arsenal. The list surfaced after Charming Kitten mistakenly left one of its servers open to the internet last month. Researchers at Certfa found the server and extracted a list of 77 Gmail and Yahoo addresses targeted by the hackers that they handed to the AP for further analysis. It's not clear how many of the accounts were successfully compromised. (Iran had called the new sanctions a "war situation.")