In July, an Iranian-linked group reignited tensions with the US following hackers stealing data from President Trump’s allies, threatening to leak 100GB of emails in a cyberattack following conflict in the Middle East, according to Reuters.
Operating under the alias “Robert,” the group has resurfaced months after the 2024 election with fresh warnings that they intend to publish or sell the stolen data. The breached materials include some of President Trump’s top allies, including his Chief of Staff Susan Wiles, lawyer Lindsey Halligan, longtime advisor Roger Stone, and Stormy Daniels/
Reuters broke the story of the Iranian hackers stealing data, highlighting how the hackers had also published some of this information back in 2024.
Though the leaks sparked media interest particularly one document suggesting a financial arrangement between President Trump and now Health Secretary Robert F. Kennedy Jr., they ultimately did not alter the election’s outcome.
Acting on the fresh threat, FBI Director Kash Patel made an unmistakable threat, saying the US national security “will be fully investigated and prosecuted.”
Election Interference to Political Annoyance
What began as a series of suspicious hackers stealing data by email during the final phase of the 2024 campaign has now become a broader cyber campaign with global implications. US intelligence previously attributed the operation to Iran’s Islamic Revolutionary Guard Corps (IRGC), accusing Tehran of using the “Robert” group to sow discord and manipulate American political discourse.
But analysts say the latest developments in the hackers email data breach suggest a more aggressive turn.
What’s unfolding is no longer just about influencing US elections but deepening the psychological and political tensions between the US and Iran.
By targeting senior level targets surrounding President Trump and threatening to weaponize their private correspondence, Iran-aligned hackers are not merely trying to embarrass individuals but rather showing that Tehran can penetrate deep into the US political space, without ever firing a bullet or using modern warfare tech.
The cyber data theft itself shows how cyber war has come to be at the forefront of Iran’s asymmetric warfare, increasingly obfuscating the distinctions between espionage, propaganda, and political blackmail. In the wake of the recent 12-day war between Israel and Iran that ended with US bombing of Iranian nuclear sites, cyber-attack is now a part of Iran’s irregular strategy to counter American power.
The espionage against political personnel is resurfacing after months of silence, paired with their timing amid regional conflict, has raised red flags among cybersecurity experts.
New Tactic in US-Iran Rivalry
The operation of the “Robert” stolen communications data, after declaring itself “retired” in early 2025, is a shift in Iranian cyber operations from interference to strategic harassment.
Although CISA and officials will not comment, cybersecurity professionals are increasingly alarmed by the scope and complexity of Iran-related cyber operations.
Despite a lack of parity in conventional military capabilities with the US, Iran has had a tradition of relying on unorthodox methods from proxy militias to cyberwarfare. This latest move appears clearly within that theory, employing hackers stealing data as a way of disruption and influence.
As the talks between Washington and Tehran escalate the Iran cyber espionage, the battlefield may as easily be virtual as real.
Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecurity sections to stay informed and up-to-date with our daily articles.