fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Trump’s Campaign Website Hacked By Cryptocurrency Scammers

Trump’s Campaign Website Hacked By Cryptocurrency Scammers

President Trump’s campaign website was briefly and partially hacked Tuesday afternoon as unknown adversaries took over parts of the page, replacing them with what appeared to be a scam to collect cryptocurrency. There is no indication, despite the hackers’ claims, that “full access to trump and relatives” was achieved or “most internal and secret conversations strictly classified information” were exposed.

The hack, first noted by Gabriel Lorenzo Greschler on Twitter, seemingly took place shortly before 4 PM Pacific time. The culprits likely gained access to the donaldjtrump.com web server backend and inserted a long stretch of obfuscated JavaScript producing a parody of the FBI “this site has been seized” message, which appeared over the normal content.

“the world has had enough of the fake-news spreaded daily by president donald j trump,” the new site read. “it is time to allow the world to know truth.”

Claiming to have inside information on the “origin of the corona virus” and other information discrediting Trump, the hackers provided two Monero addresses. Monero is a cryptocurrency that’s easy to send but quite difficult to track. For this reason it has become associated with unsavory operations such as this hack.

Also Read: Letter of Consent MOM: Getting the Details Right

One address was for people who wanted the “strictly classified information” released, the other for those who would prefer to keep it secret. After an unspecified deadline the totals of cryptocurrency would be compared and the higher total would determine what was done with the data.

The page was signed with a PGP public key corresponding to an email address at a non-existent domain (planet.gov).

The website was reverted to its original content within a few minutes of the hack taking place. There is no evidence to suggest that anything other than the one page was accessed, such as donor data; campaign communications director Tim Murtaugh confirmed the hack shortly afterwards, saying there was no exposure of sensitive data and that they are working with law enforcement.

Getting people to irreversibly send cryptocurrency to a mysterious address is a common form of scam online, usually relying on brief appearances on high visibility platforms like celebrity Twitter accounts and the like. This one is no different, and was taken down within minutes.

There is no indication that this attack was in any way state-sponsored, and while it strikes a partisan tone, one can hardly say that this is a very coherent attack against the Trump platform. Campaign and other elections-related websites are high-value targets for hackers because they are associated with entities like Trump but are not as secure as official sites like whitehouse.gov. Though the diction seems not to be that of a native English speaker, there is no other positive evidence that the hack is of foreign origin.

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

This is not the first time Trump has been hacked recently. His Twitter account was briefly taken over by someone who guessed his password (“maga2020!”) but was, luckily for the president, not of a mind to collect DMs or otherwise rock the boat. And of course, Trump’s hotels were hacked before as well.

Trump recently stated, mistakenly it seems, that “Nobody gets hacked. To get hacked you need somebody with 197 IQ and he needs about 15% of your password.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us