Iran-linked hackers threaten to leak damaging Trump emails from his 2024 campaign

Hackers believed to be aligned with Iran are threatening to release a cache of allegedly stolen emails from President Donald Trump’s 2024 campaign, in what US officials are calling a coordinated effort to damage his political standing. The warning, issued by the Cybersecurity and Infrastructure Security Agency (CISA) on June 30, labelled the threat a "calculated smear campaign" and linked it to Iran’s broader cyber strategy.

 

The hacking group, using the pseudonym 'Robert', claims to have obtained around 100 GB of email data involving senior Trump advisers, including White House chief of staff Susie Wiles, political operative Roger Stone, Trump lawyer Lindsey Halligan and adult film actor Stormy Daniels. The group said they were considering selling the material but did not reveal its contents.

 

The timing of the threat is significant. It comes just days after Trump cancelled a proposal to ease sanctions on Iran, following Iranian Supreme Leader Ayatollah Ali Khamenei’s dismissive remarks about recent US and Israeli airstrikes on Iran’s nuclear facilities. Khamenei claimed the strikes had caused little damage. Trump reacted angrily, stating on Truth Social that he had spared the Iranian leader from an "ugly and ignominious death". In response, senior Iranian clerics have issued calls for Trump’s death and the Iranian government has withdrawn from scheduled talks.

 

CISA spokesperson Marci McCarthy said the hack was a form of "digital propaganda" aimed at undermining Trump and discrediting officials in his administration. "This so-called cyber 'attack' is designed to distract, divide and damage. The targets are no coincidence," she said. "These criminals will be found and brought to justice."

 

The US Justice Department previously charged three Iranians in connection with the 2024 cyberattack on Trump’s campaign, alleging that Iran’s Islamic Revolutionary Guard Corps (IRGC) directed the operation. According to the September indictment, the "Robert" hacking campaign was one of several efforts overseen by the IRGC. Microsoft had also flagged multiple Iranian cyber groups during the 2024 election period, stating they engaged in disinformation and hacking designed to sway the vote.

 

FBI Director Kash Patel emphasised the seriousness of the threat in a statement, saying, "The FBI takes all threats against the president, his staff and US cybersecurity with the utmost seriousness. Anyone involved in compromising national security will be investigated and prosecuted to the fullest extent of the law."

 

The US agencies have also warned that Iranian-backed hackers may seek to disrupt critical infrastructure, including power grids, water systems, transportation networks and firms linked to defence or Israel.

 

In a related development, two pro-Palestinian hacker groups claimed responsibility for denial-of-service attacks on aviation companies, banks and oil firms following recent US airstrikes. One of the groups, Mysterious Team, announced on Telegram: "We increase attacks from today," and urged others to join the campaign. The SITE Intelligence Group, which monitors extremist activity online, confirmed the group’s claims.

 

The Department of Homeland Security issued a bulletin on June 29 warning of a rise in Iranian cyber threats. CISA has since advised critical infrastructure operators to remain vigilant and review their cyber defences amid heightened geopolitical tensions.

Middle East