Iranian hackers threaten to publish emails from Trump’s aides

A group of hackers believed to be linked to Iran has threatened to release a significant volume of emails allegedly stolen from individuals within President Donald Trump's circle.

The hackers, operating under the pseudonym "Robert," claim to possess approximately 100 gigabytes of emails from accounts belonging to prominent figures such as White House Chief of Staff Susie Wiles, Trump lawyer Lindsey Halligan, Trump adviser Roger Stone, and even adult film actress Stormy Daniels.

In recent online communications, "Robert" indicated they are organizing a sale of the stolen material and expressed a desire for media outlets to "broadcast this matter." This latest threat follows a previous distribution of a smaller batch of emails to the media ahead of the 2024 US election. While those earlier leaks garnered some attention, they did not significantly impact the election's outcome.

US Attorney General Pam Bondi condemned the intrusion as "an unconscionable cyber-attack." The White House and the FBI issued a joint statement through FBI Director Kash Patel, who vowed that "Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law."

The cyber defense agency CISA, however, characterized the incident as "nothing more than digital propaganda, and the targets are no coincidence. This is a calculated smear campaign meant to damage President Trump and discredit honourable public servants who serve our country with distinction."

Tehran has historically denied committing cyber espionage.

The "Robert" hacking operation first emerged in the final months of the 2024 presidential campaign, claiming to have breached the email accounts of several Trump allies, including Ms. Wiles.

The US Justice Department, in a September 2024 indictment, alleged that Iran's Revolutionary Guards ran the "Robert" hacking operation. The hackers have declined to address these allegations in their communications.

Following President Trump's election victory, "Robert" had previously stated that no further leaks were planned, and as recently as May, told Reuters, "I am retired, man." However, the group resumed communication after a recent 12-day air conflict between “Israel” and Iran, which concluded with US bombing of Iranian nuclear sites.

Frederick Kagan, a scholar at the American Enterprise Institute who specializes in Iranian cyber espionage, suggested that Tehran's intelligence agencies are likely seeking to retaliate in ways that avoid further escalation with the US or “Israel”.

"Leaking a bunch more emails is not likely to do that," Kagan noted.

Despite concerns that Tehran could unleash more widespread digital disruption, Iranian hackers maintained a relatively low profile during the recent conflict. Nevertheless, US cyber officials on June 30 warned that American companies and critical infrastructure operators should remain vigilant, as they may still be in Tehran's crosshairs.