The FBI has accessed several “overseas” encrypted email accounts belonging to the man who attempted to assassinate former President Donald Trump, but investigators still haven’t determined the gunman’s motive. “We understand these accounts were encrypted. However, the level of encryption was no more sophisticated than any standard widely used internet-based email service,” Kevin Rojek, the FBI special agent in charge of the bureau’s Pittsburgh field office, said during a Wednesday call with reporters.The agency didn’t name the email providers used by the gunman, Thomas Matthew Crooks. But Rojek made the comment after a Republican lawmaker told the press last week that Crooks used encrypted messaging platforms based in Belgium, New Zealand, and Germany. “We successfully accessed the information from these accounts and appropriately analyzed their content,” Rojek said on Wednesday. “However, we continue to identify and exploit the subject’s accounts.”That suggests the FBI is still trying to track down all of Crooks’ online activity. A month ago, FBI Director Christopher Wray noted that Crooks had used encrypted messaging apps, creating another hurdle for investigators.The FBI also unlocked the shooter’s Samsung phone and has been poring over his online searches and social media posts. The analysis has given federal investigators “valuable insight” into Crooks’ mindset in the lead-up to the assassination attempt, but “not a definitive motive,” Rojek said. “At this time, the FBI has not identified a motive, nor any co-conspirators or associates of Crooks with advance knowledge of the attack,” said FBI Assistant Director of the Counterterrorism Division Robert Wells. “And I want to be clear: We have not seen any indication to suggest that Crooks was directed by a foreign entity to conduct the attack.”
(Credit: FBI)
So far, the FBI’s investigation shows the gunman began conducting online searches in late September 2023 to find out Trump’s campaign schedule in Pennsylvania, where Crooks lived. “Next from April 2024 to July 12, the subject searched campaign events for both former President Trump and President Biden, including events scheduled to take place in western Pennsylvania,” Rojek said.
Recommended by Our Editors
This included 60 searches for both presidential figures. “Of particular note, our investigation identified specific searches on July 5 to include ‘when is the DNC convention’ and “when is the RNC convention in 2024,’” Rojek said. Rojek added that Crooks conducted a “sustained, detailed effort to plan an attack on some event,” before becoming “hyper-focused” on Trump’s July 13 rally in Butler, Pennsylvania, where Crooks fired off shots that grazed Trump, killed a man in the stands, and injured two other rally attendees.“We continue to see through our analysis a mixture of ideologies. So I would say that we see no definitive ideology associated with our subject, either left-leaning or right-leaning,” Rojek said. “It’s really been a mixture and something that we’re still attempting to analyze and draw conclusions on.”
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
About Michael Kan
Senior Reporter
I’ve been with PCMag since October 2017, covering a wide range of topics, including consumer electronics, cybersecurity, social media, networking, and gaming. Prior to working at PCMag, I was a foreign correspondent in Beijing for over five years, covering the tech scene in Asia.
Read Michael’s full bio
Read the latest from Michael Kan
