Pro-Iran hackers have recently threatened to release a large trove of emails allegedly stolen from individuals closely associated with former President Donald Trump. U.S. federal officials have characterized this as a “calculated smear campaign” and dismissed the threat as “digital propaganda” designed to undermine Trump and other government officials. However, previously leaked documents by the group were authenticated and included communications about campaign strategy and legal matters involving Stormy Daniels
Key details
The hackers, operating under the pseudonym “Robert,” claim to possess about 100 gigabytes of emails from Trump’s chief of staff Susie Wiles, adviser Roger Stone, Trump lawyer Lindsey Halligan, and adult film actress Stormy Daniels. The group previously leaked some material to journalists during the 2024 presidential campaign. Some of those documents were authenticated and included communications about campaign strategy and legal matters involving Stormy Daniels, but the leaks did not significantly impact the election outcome. The hackers have suggested they might sell the material but have not provided details about its contents or plans for release.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Homeland Security have both emphasized that the campaign is intended to “distract, discredit, and divide” and that the material is “purportedly stolen and unverified”. The U.S. Justice Department has previously linked the “Robert” hacking operation to Iran’s Islamic Revolutionary Guard Corps, and three Iranians were indicted last year for hacking campaigns targeting Trump, Biden, and Harris campaign officials.
The threat emerged amid heightened tensions following U.S. and Israeli strikes on Iranian nuclear facilities and as diplomatic relations remain strained. U.S. officials, including the FBI and Attorney General, have condemned the breach as an “unconscionable cyberattack” and pledged to investigate and prosecute those responsible. Authorities have also warned that Iranian-linked cyber groups may continue targeting U.S. interests, including critical infrastructure and companies connected to Israel, but so far, no major disruptions have been reported.
