- Joined
- May 15, 2016
- Messages
- 14,569
- Likes
- 2,645
- Points
- 1,730
The account was hacked using a password leaked in 2012.
Three hackers from the Netherlands hacked into the account of US President Donald Trump using a leaked password, Vrij Nederland reported.
Information security experts, who in the article appear only as Edwin, Matijs and Viktor, are members of the Guild of the Grumpy Old Hackers (GGOH) organization. According to them, they took the credentials from the LinkedIn service database leaked in 2012. Browsing the database, they found an entry associated with Donald Trump that included a password hash (07b8938319c267dcdb501665220204bbde87bf1d). Using John the Ripper's tool to crack various kinds of hashes, the trio managed to get the password.
With their credentials, they tried to log into Trump's account (@realdonaldtrump). To their surprise, the system verified the password as valid, but the email address in the leak did not match. After some time, the experts managed to find the correct email address (twitter @ donaldjtrump [.] Com) and log into the account.
As evidence, the experts provided the publication with a screenshot demonstrating account authorization. The "crackers" tried to contact the American authorities regarding the lack of security of Trump's account (lack of multifactor authentication and the use of a leaked password), but to no avail. They ended up submitting a report to the Netherlands National Cyber Security Center.
__________________
Three hackers from the Netherlands hacked into the account of US President Donald Trump using a leaked password, Vrij Nederland reported.
Information security experts, who in the article appear only as Edwin, Matijs and Viktor, are members of the Guild of the Grumpy Old Hackers (GGOH) organization. According to them, they took the credentials from the LinkedIn service database leaked in 2012. Browsing the database, they found an entry associated with Donald Trump that included a password hash (07b8938319c267dcdb501665220204bbde87bf1d). Using John the Ripper's tool to crack various kinds of hashes, the trio managed to get the password.
With their credentials, they tried to log into Trump's account (@realdonaldtrump). To their surprise, the system verified the password as valid, but the email address in the leak did not match. After some time, the experts managed to find the correct email address (twitter @ donaldjtrump [.] Com) and log into the account.
As evidence, the experts provided the publication with a screenshot demonstrating account authorization. The "crackers" tried to contact the American authorities regarding the lack of security of Trump's account (lack of multifactor authentication and the use of a leaked password), but to no avail. They ended up submitting a report to the Netherlands National Cyber Security Center.
__________________