Iranian Hackers “Robert” Threaten New Leak of 100GB of Trump Aides’ Emails After Recent Airstrikes
Hackers affiliated with Iran have resurfaced once again—this time claiming to have accessed a trove of new emails belonging to former President Donald Trump and his inner circle. According to Reuters, the breach allegedly encompasses around 100 gigabytes of correspondence, including messages from senior advisor Susie Wiles, attorney Lindsey Halligan, advisor Roger Stone, and materials linked to actress Stormy Daniels, who has previously been involved in high-profile legal battles with Trump.
The group, which calls itself “Robert,” gained notoriety ahead of the 2024 election when it leaked an initial batch of emails to the press. That earlier disclosure included communications with attorneys for Robert F. Kennedy Jr., now the U.S. Secretary of Health, as well as discussions about potential payments to Stormy Daniels and internal strategy memos from Trump’s campaign. Some of those emails were later verified by journalists as authentic. Following the incident, the group claimed to have “retired,” but resurfaced in June of this year—just after Israel launched a major strike on Iranian nuclear facilities and the U.S. conducted airstrikes on three Iranian targets.
Now, members of the group have told Reuters that they intend to sell access to unreleased materials, though they have not disclosed to whom or when such a transaction might occur. FBI officials have stated that anyone involved in the leaks will be thoroughly investigated and held accountable under national security laws. Meanwhile, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a formal warning to companies operating in defense and critical infrastructure sectors about heightened threats from Iranian cyber actors.
The agency’s bulletin emphasizes that amid the current geopolitical climate, such groups may resort to ransomware and other attack vectors, often working in tandem with operators who offer services through affiliate-based models. It specifically notes that Iranian hackers have previously compromised water supply systems and industrial facilities by exploiting vulnerabilities in Israeli-manufactured equipment—technology widely used across sectors from automotive to petrochemicals.
Analysts believe that, in light of recent attacks on Iran’s defense infrastructure, cyber units may be authorized to employ all available means of retaliation, while still attempting to avoid full-scale conflict escalation. The release of another cache of emails is seen as one such form of asymmetric pressure—designed to inflict political damage without overt military engagement.
Meanwhile, concerns in Washington are mounting over potential cyberattacks targeting healthcare systems, energy grids, and government institutions. Ariel Parnes, a former officer of Israel’s elite Unit 8200 cyber division, stated that Iran views cyber operations as a cost-effective and potent tool of influence. According to him, these are not random skirmishes, but calculated acts intended to destabilize and project strength.
While CISA has yet to comment on the renewed activity of the Robert group, the growing body of evidence suggests that the cyber conflict between Iran and the United States is escalating—and a fresh flare-up may be only a matter of time.