Suspected Iranian hackers infiltrated former national security adviser John Bolton’s email account and threatened to release sensitive materials, his indictment alleges.

The indictment on charges that Bolton mishandled classified information, released Thursday, comes after President Donald Trump’s unprecedented public call for the Justice Department to prosecute his enemies. Bolton served under Trump in his first term as national security adviser and since has become a critic.

The passage of the indictment related to the Iranian hackers seeks to demonstrate a representative of Bolton knew his personal emails included information they shouldn’t have.

In early July of 2021, according to the indictment, the Bolton representative contacted the FBI to alert the bureau about the apparent hack, and their suspicion that it was someone from Iran. The indictment states that it was “a cyber actor believed to be associated with the Islamic Republic of Iran.”

The Justice Department had recently closed an investigation into whether Bolton illegally published classified information in a memoir. Later that July, the apparent hackers threatened to release Bolton’s emails, drawing comparisons to the leak of 2016 Democratic presidential candidate Hillary Clinton’s emails.

“I do not think you would be interested in the FBI being aware of the leaked content of John’s email (some of which have been attached), especially after the recent acquittal,” the threatening note from on or about July 25 read, the indictment states. “This could be the biggest scandal since Hillary’s emails were leaked, but this time on the GOP side! Contact me before it’s too late.”

Days later — on or about July 28, the indictment states — Bolton’s representative also told the FBI that they were “[j]ust sending you the text (not the documents [the hacker] attached since there might be sensitive information in them.)”

According to the indictment, “A day later, on or about July 29, 2021, Bolton’s representative told the FBI that Bolton would be deleting the contents of his personal email account that had been hacked.”

Bolton got one more message from the apparent hackers in August. “OK John … As you want (apparently), we’ll disseminate the expurgated sections of your book by reference to your leaked email…” It’s not clear if the hackers followed through on the threat, or what they demanded of Bolton not to release the sections.

Bolton didn’t disclose to the FBI that he had used a hacked email account to share classified information with two unnamed relatives, “nor did he tell the FBI that the hackers now held this information,” the indictment reads.

A search warrant affidavit released last month contains a passage headed “Hack of Bolton AOL Account by Foreign Entity,” but the passage itself is redacted.

Bolton surrendered to authorities on Friday. The law firm of the lawyer defending did not immediately respond to an email about the indictment passages related to the alleged hack, but his attorney, Abbe Lowell, has denied Bolton committed any crimes.

“These charges stem from portions of Ambassador Bolton’s personal diaries over his 45-year career — records that are unclassified, shared only with his immediate family, and known to the FBI as far back as 2021,” Lowell said in a statement. “Like many public officials throughout history, Ambassador Bolton kept diaries — that is not a crime.”

The post John Bolton indictment says suspected Iranian hackers accessed his emails, issued threats appeared first on CyberScoop.

PUBLIC DEFENDER By Brian Livingston We all think we can tell malicious “phishing” messages from the real thing. But studies show that even receiving formal anti-phishing training doesn’t prevent people from clicking on links or opening attachments that let hackers infect their devices, steal their credit-card numbers, or worse. Like a tsunami, electronic communications flood […]

COMMENTARY By Peter Deegan Do you know enough about email to communicate securely, efficiently, and with your messages easily read by all? Like most things in the tech world, important — or at least useful — features are available that many people don’t know about or think aren’t worth the bother. Read the full story […]

ISSUE 22.37 • 2025-09-15 FREEWARE SPOTLIGHT By Deanna McElveen Sometimes we get a little help from one of our daughters when she’s not too busy. We like to set up a temporary email account for her on our server and an email client to handle only those emails. It just makes things easier for us, […]

Kent Ickler // TL;DR: This post describes the process of building an active system to automatically recon SPF violations. Disclaimer: There are parts of this build that might not be legal […]

The post Offensive SPF: How to Automate Anti-Phishing Reconnaissance Using Sender Policy Framework appeared first on Black Hills Information Security, Inc..

Kent Ickler and Derrick Rauch* // Sun Protection Factor Err… wait a second. Sender Policy Framework Ladies and Gentlemen of the class of 1997, Wear Sunscreen…I will dispense my advice, […]

The post How to Configure SPFv1: Explained for the Masses appeared first on Black Hills Information Security, Inc..

Here’s our webcast with Beau Bullock, Brian Fehrman & Carrie Roberts from Tuesday, November 29.

The post WEBCAST: Exchange and OWA attacks – Step by Step appeared first on Black Hills Information Security, Inc..

Beau Bullock // Full Disclosure: Black Hills Information Security believes in responsible disclosure of vulnerabilities. This vulnerability was reported to Microsoft on September 28th, 2016. As of the publication date of […]

The post Bypassing Two-Factor Authentication on OWA & Office365 Portals appeared first on Black Hills Information Security, Inc..

Gail Menius // My husband set me up with GPG and Thunderbird and it was too hard. Ethan said it was cool. Lots of people gave it good reviews. It’s […]

The post 5 Reasons for Mailvelope & Easy Instructions appeared first on Black Hills Information Security, Inc..