Hackers with ties to Iran have issued a warning about the potential release of additional emails obtained from associates of U.S. President Donald Trump. This follows their earlier distribution of a set of emails to the media in the lead-up to the 2024 U.S. election.
In discussions with Reuters over the weekend, the individuals operating under the alias Robert revealed that they possess approximately 100 gigabytes of emails linked to several high-profile figures, including White House Chief of Staff Susie Wiles, Trump attorney Lindsey Halligan, Trump adviser Roger Stone, and Stormy Daniels, the adult film star who has become a notable critic of the former president.
Robert suggested the option of selling the material, yet did not elaborate on their plans further. The hackers refrained from detailing the contents of the emails.
U.S. Attorney General Pam Bondi characterised the incident as “an unconscionable cyber-attack.”
In a recent statement, FBI Director Kash Patel emphasised the agency’s commitment to addressing breaches of national security. He declared, “Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law,” reflecting the seriousness with which the White House and the FBI approach such matters.
The recent incident labelled as a cyber ‘attack’ appears to be more of a strategic move in digital propaganda, with the choice of targets seemingly deliberate. CISA, the cyber defence agency, asserted in a post on X that this is a deliberate smear campaign aimed at undermining President Trump and tarnishing the reputations of honourable public servants dedicated to serving the nation with distinction.
Requests for comment from Halligan, Stone, and a representative for Daniels went unanswered. The Iranian mission to the United Nations has not responded to a request for comment. In previous statements, Tehran has refuted allegations of engaging in cyberespionage activities.
In the closing months of the 2024 presidential campaign, Robert emerged on the scene, asserting that they had successfully infiltrated the email accounts of multiple Trump associates, including Wiles.
Subsequently, the hackers disseminated emails to members of the press.
Reuters has confirmed the authenticity of certain leaked documents, including an email that seemingly outlines a financial agreement between Trump and the attorneys of former presidential candidate Robert F. Kennedy Jr., who currently serves as Trump’s health secretary.
Included in the material were communications from the Trump campaign regarding Republican candidates and conversations surrounding settlement negotiations with Daniels.
The leaked documents received some attention last year; however, they ultimately did not significantly impact the presidential race, which Trump won.
In a September 2024 indictment, the U.S. Justice Department accused Iran’s Revolutionary Guards of orchestrating the Robert hacking operation. During discussions with Reuters, the hackers chose not to respond to the accusation.
Following Trump’s election, Robert informed Reuters that there would be no further leaks anticipated. In a statement to Reuters as recently as May, the hackers remarked, “I am retired, man.” The group re-established communication following this month’s 12-day air conflict between Israel and Iran, which concluded with U.S. bombings targeting Iran’s nuclear facilities.
This week, Robert communicated that they were arranging a sale of stolen emails and expressed a desire for Reuters to “broadcast this matter.”
Frederick Kagan, a scholar at the American Enterprise Institute known for his analysis of Iranian cyberespionage, noted that Tehran experienced significant setbacks during the conflict. He suggested that Iranian operatives are likely seeking to respond without provoking further actions from the United States or Israel.
“According to him, the prevailing explanation is that there has been a directive for everyone to utilise all available asymmetric resources that are unlikely to provoke a return to significant military operations by Israel or the United States.” “The release of additional emails is unlikely to achieve that outcome.”
Amid concerns that Tehran might initiate a wave of cyber disruptions, Iranian hackers maintained a subdued presence throughout the conflict. On Monday, U.S. cyber officials issued a warning indicating that Tehran could still target American companies and operators of critical infrastructure.
