• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Police Vouch For Hacker Who Guessed Trump’s Twitter Password

Police Vouch for Hacker Who Guessed Trump’s Twitter Password

You are here: Home / Latest Cyber Security Vulnerabilities / Police Vouch for Hacker Who Guessed Trump’s Twitter Password

No fees for Dutch moral hacker Victor Gevers who prosecutors say did truly accessibility Trump’s Twitter account by guessing his password, “MAGA2020!” very last Oct.

When Dutch moral hacker Victor Gevers tried to alert Top secret Support that he was equipped to guess the password to President Donald Trump’s Twitter deal with last October, there have been loads of skeptics, most notably at the White House. Now, Dutch prosecutors have determined Gevers did, in actuality, guess the password to the world’s most effective Twitter account, but stated that he will not be charged with a crime for the reason that he was performing honorably to track down vulnerabilities connected with superior-profile accounts.

Ethical Hacker Vindicated

“This is not just about my perform but all volunteers who search for vulnerabilities in the internet,” Gevers told the BBC. Gevers is a revered cyber-researcher who operates for the Dutch authorities by working day and in his spare time operates the moral hacking non-earnings GDI Foundation.

✔ Approved Seller by TheCyberSecurity.News From Our Partners
Avast Ultimate Suite 2021

Protect yourself against all threads using AVAST Ultimate Suite. AVAST Ultimate Suite protects your Windows, macOS and your Android via Avast Premium. In addition it comes with AVAST's well-known VPN service SecureLineVPN. Therefore, it will be a security and privacy in one package.

Get AVAST Ultimate Suite with 65% discount certified seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Gevers explained very last fall he was doing a random look at of higher-profile Twitter accounts. It only took him five guesses to appear up with the suitable 1 for @realdonaldtrump, “MAGA2020!” He reported outside of the amazingly weak password, two-factor authentication (2FA) had not been enabled on the account.

2FA generates a exceptional code, despatched by email or text to a regarded system, which will have to be entered to log in. After Gevers reported the issue to Magic formula Company and a range of other agencies, which include to the White House immediately, he been given no response but noticed the account was secured with 2FA two times afterwards.

When logged in, Gevers was ready to obtain Trump’s personal messages, images, bookmarks and record of accounts he experienced blocked.

At the time, Gevers speculated Trump did not have essential protections in area simply because they’re a trouble, adding, “…elderly people today generally swap off two-phase verification simply because they locate it as well sophisticated.”

Dutch Prosecutors Protect Hack

Subsequent an investigation, Dutch authorities were being persuaded that Gevers was acting in fantastic religion to protect Trump’s security.

“The hacker produced the login himself,” Dutch law enforcement reported, in accordance to BBC. “He later stated to law enforcement that he had investigated the toughness of the password mainly because there have been big interests included if this Twitter account could be taken more than so soon ahead of the presidential election.”

The White House denied that the breach transpired, and when Gevers informed Twitter that he was able to guess Trump’s password and access the account, the business mentioned it was skeptical.

“We’ve observed no proof to corroborate this declare, which includes from the short article posted in the Netherlands right now,” a Twitter spokesperson reported in a statement responding to Threatpost’s inquiries.

Dutch law enforcement disagree.

This wasn’t the to start with time Trump’s Twitter was remaining susceptible. In 2016, Gevers was also ready to guess Trump’s password, “yourefired.”

“Leaving politics and individuality aspects apart, this is however the fantastic instance of senior management getting unsavvy about cybersecurity issues,” Dirk Schrader, world-wide vice president of New Net Technologies, explained to Threatpost. “Countless security experts have had this experience, that implementing stricter password rules in the security policy is accepted by management for the firm with an exception granted for administration by itself. The want to have senior management supporting security initiatives to grow to be cyber-resilient is significantly far too usually impeded by that lack of participation in the endeavours. If 2FA is witnessed as an obstacle, there is no ‘leading by good example’.”

Other than vindicating Gevers statements, this affirmation of an embarrassing lapse in security out of the White House looks much more ominous all through the identical week the U.S. govt is seeking to grapple with the whole extent of the Solar Winds breach.

In excess of the training course of his presidency, Trump has utilised his Twitter account to announce firings at the major stages of authorities, carry out delicate diplomatic negotiations with the likes of North Korean dictator Kim Jong-Un and established domestic policy. A breach could allow a malicious actor tank marketplaces, start wars and trigger chaos through the world.

U.S. Cybersecurity Crisis

The revelation that the Twitter compromise was genuine, despite the White House denial, hints at a troubling deficiency of worry and transparency about cybersecurity at the incredibly major of the federal government, researchers reported.

“This serves as vindication for the researcher however, it also presents a troubling watch of how security may perhaps have been taken care of by the administration,” Jack Mannino, CEO at nVisium told Threapost. “While you simply cannot bounce to conclusions about methods somewhere else, these types of incidents are commonly affiliated with teams who have a reasonably low amount of security maturity. This is undoubtedly not what you would anticipate or hope for from the White House, if it proved to be genuine.”

While the Trump administration grapples with an ongoing, unprecedented number of breaches equally large and modest devoid of senior staff members in area (CISA main Christopher Krebs was unceremoniously fired by Tweet by Trump very last month following defending the integrity of the presidential election), officers from preceding administrations say they see this as a minute of dire crisis for the state.

Previous White House Chief Data Officer Theresa Payton advised CNN that the point out of U.S. cybersecurity in the wake of the Solar Winds attack is maintaining her up at night time.

“I woke up in the middle of the evening final night time just unwell to my belly,” stated Theresa Payton, who served as White House CIO underneath President George W. Bush. “On a scale of a person to 10, I’m at a 9 — and it’s not mainly because of what I know it is mainly because of what we still really do not know.”

 


Some sections of this posting are sourced from:
threatpost.com

Previous Post: «Cyber Security News Healthcare.gov Data Thief Jailed
Next Post: It’s time to prepare for fully homomorphic encryption, says IBM It’s Time To Prepare For Fully Homomorphic Encryption, Says Ibm»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Recent Posts

  • Big Tech Bans Social Networking App
  • Lack of Funding Could Lead to “Lost Generation” of Cyber-Startups
  • Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor
  • ‘I’ll Teams you’: Employees assume security of links, file sharing via Microsoft comms platform
  • DarkSide decryptor unlocks systems without ransom payment – for now
  • Researchers see links between SolarWinds Sunburst malware and Russian Turla APT group
  • Millions of Social Profiles Leaked by Chinese Data-Scrapers
  • Feds will weigh whether cyber best practices were followed when assessing HIPAA fines
  • SolarWinds Hack Potentially Linked to Turla APT
  • 10 quick tips to identifying phishing emails

Copyright © TheCyberSecurity.News, All Rights Reserved.