I have no idea how the election will go, and I don’t want to comment on politics here, but I’ve just read a very interesting article about the Trump campaign site being hacked.
The hackers claimed to have compromising information, and posted two options to vote on whether to release it by sending money to one of two cryptocurrency wallets:
The article is by Wordfence, a WordPress security plugin company, and it’s an outsider analysis of the hack, the most likely causes, and other ways the Trump campaign’s website security may or may not have been breached.
Without being able to log in, they believe the most likely cause would have been a password security breach – which seems even more likely given the following precedents:
“A Dutch Researcher recently claimed to have accessed Trump’s Twitter account using the password “maga2020!”.
Trump’s Twitter account was also hacked in 2016 when a data breach revealed that he was using the password “yourefired”.”
However, they don’t only discuss the most likely causes. It’s a very interesting review of website security, at a non-expert level, that covers Cloudflare, Expression Engine, PGP keys, cryptocurrencies, social engineering, and application vulnerabilities.
Above all, 2-factor authentication is recommended.
Read more here:
(Screenshot of the hacked Trump campaign site, via Wordfence)
Leave a Reply