HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » Latest Breaking News (Forum) » "Secure" Trump ...

Sun Feb 19, 2017, 11:01 PM

"Secure" Trump website defaced by hacker claiming to be from Iraq

Source: Ars Technica

Someone calling themselves "Pro_Mast3r" managed to deface a server associated with President Donald Trump's presidential campaign fundraising on Sunday, The server, secure2.donaldjtrump.com, is behind Cloudflare's content management and security platform, and does not appear to be directly linked from the Trump Pence campaign's home page. But it does appear to be an actual Trump campaign serverits certificate is legitimate, but a reference to an image on another site is insecure, prompting a warning on Chrome and Firefox that the connection is not secure.

The page, now displaying an image of a man in a fedora, displays the following text:

Hacked By Pro_Mast3r
Attacker Gov
Nothing Is Impossible
Peace From Iraq

The source code contains a link to javascript on a now-nonexistent Google Code account, masterendi, previously associated with the hacking of at least three other websites. As Italian IT journalist Paolo Attivissimo pointed out, an archive of the script shows it to be a snow animation script, not malware.

Read more: https://arstechnica.com/security/2017/02/secure-trump-website-defaced-by-hacker-claiming-to-be-from-iraq/



Image of the hack:



The server - http://secure2.donaldjtrump.com/ -was still offline at time of posting. Trump's other servers are still operational.

Which all goes to prove that bragging about your yuuuge abilities to counter hackers is just waving a red rag at a bull.


http://www.politico.com/tipsheets/morning-cybersecurity/2017/02/trump-claims-credit-for-rnc-computer-security-218809

Meanwhile, Trump is still using his old, unsecured phone for some communications, possibly the one he was using when his Twitter account was hacked in 2013, his "cyber tsar" Giuliani was one of 14 Trump staffers who had their passwords leaked during 2012-2016, and Giuliani's own commercial website is rumored to be far from secure ...

15 replies, 4530 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 15 replies Author Time Post
Reply "Secure" Trump website defaced by hacker claiming to be from Iraq (Original post)
Denzil_DC Feb 2017 OP
George II Feb 2017 #1
ProudLib72 Feb 2017 #2
turbinetree Feb 2017 #3
Denzil_DC Feb 2017 #4
BumRushDaShow Feb 2017 #13
zentrum Feb 2017 #5
Honeycombe8 Feb 2017 #6
Denzil_DC Feb 2017 #14
Honeycombe8 Feb 2017 #15
LenaBaby61 Feb 2017 #8
zentrum Feb 2017 #10
Chicago1980 Feb 2017 #7
BumRushDaShow Feb 2017 #12
Eugene Feb 2017 #9
Achilleaze Feb 2017 #11

Response to Denzil_DC (Original post)

Sun Feb 19, 2017, 11:16 PM

1. Crooked donald - LOCK HIM UP!!!!!!!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Original post)

Sun Feb 19, 2017, 11:20 PM

2. Yes!

LOCK HIM UP! tRUMP FOR PRISON 2017!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Original post)

Sun Feb 19, 2017, 11:30 PM

3. Where is Jason Chaffetz, and Trey Gordy

were are these two ass***es-----------------


We did not forget ass****s, no we have not

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Original post)

Sun Feb 19, 2017, 11:51 PM

4. A bit more about Giuliani's own site's insecurities:

Last edited Mon Feb 20, 2017, 09:25 AM - Edit history (1)

Trump's cyber-guru Giuliani runs ancient 'easily hackable website'



...

Giulianisecurity.com, the website for the ex-mayor's eponymous infosec consultancy firm, is powered by a roughly five-year-old build of Joomla! that is packed with vulnerabilities. Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server.

This seemingly insecure system also has a surprising number of network ports open from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. It also runs a rather old version of FreeBSD.

Security gurus are right now tearing strips off Trump's cyber-wizard pick. Top hacker Dan Tentler was first to point out the severely out-of-date Joomla! install.

"It speaks volumes," Tentler told The Register, referring to Giuliani's computer security credentials, or lack of, and fitness for the top post. "Seventy-year-old luddite autocrats who often brag about not using technology are somehow put in charge of technology: it's like setting our country on fire and giving every extranational hacker a roman candle or, rather, not setting on fire, but dousing in gasoline."

http://www.theregister.co.uk/2017/01/13/giuliani_joomla_outdated_site/

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Reply #4)

Mon Feb 20, 2017, 06:55 AM

13. THIS

I noticed that Ghouliani suddenly disappeared and went silent.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Original post)

Mon Feb 20, 2017, 12:44 AM

5. Announcing it's

...from Iraq (i.e. "terrorists" so called) helps the Rump agenda of demonizing Islam, more than it helps us unmask him as incompetent.

This hack plays into his "be-very-afraid-the-Muslims-coming!" rhetoric.

Couldn't they just hack him and not tie it to a banned Muslim country?



Reply to this post

Back to top Alert abuse Link here Permalink


Response to zentrum (Reply #5)

Mon Feb 20, 2017, 12:58 AM

6. Of course, it might really be from someone in Iraq.

Doesn't have to be a Muslim or anyone meaning real harm. The hacker didn't do anything other than temporarily hack the site.

Or it could be from someone in Kansas. Can't tell.

Pretty sure it's not from Russia.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Honeycombe8 (Reply #6)

Mon Feb 20, 2017, 09:14 AM

14. According to The Jester (usually reliable), the hacker's identity's known.

I haven't posted it here, because the hacker deleted the Tweet in which he earlier claimed responsibility for it, so I see no reason to compound his foolishness (plus it might fall foul of DU's TOS).

He's not a big player, and yes, this isn't a major hack, just a temporary defacement, but it does show the dangers of hubris, especially where cybersecurity's concerned - a hacker just has to get lucky once, those running the sites have to remain lucky all the time. Future hacks could be a lot more serious

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Reply #14)

Mon Feb 20, 2017, 01:12 PM

15. I see. Thanks. nt

Reply to this post

Back to top Alert abuse Link here Permalink


Response to zentrum (Reply #5)

Mon Feb 20, 2017, 01:06 AM

8. This hack plays into his "be-very-afraid-the-Muslims-coming!" rhetoric.

That's exactly what I was thinking.

That nazi bannon would think nothing about telling that ignorant ass clown tRumputin to start a war "somewhere," or tell him to really ratchet up his anti-Muslim rhetoric over something like this

Reply to this post

Back to top Alert abuse Link here Permalink


Response to LenaBaby61 (Reply #8)

Mon Feb 20, 2017, 02:25 AM

10. Bannon is salivating

...for war. He's more insane than Orange because he's fine with being maniacal.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Original post)

Mon Feb 20, 2017, 01:04 AM

7. But he knows all about 'the cyber'.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Chicago1980 (Reply #7)

Mon Feb 20, 2017, 06:54 AM

12. That "cyber" was supposed to be thanks to Ghouliani's "Cyber Security" company!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Original post)

Mon Feb 20, 2017, 01:23 AM

9. Thank you for pointing out Trump's cyber security boast.

Now he'll deny saying that.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Denzil_DC (Original post)

Mon Feb 20, 2017, 05:48 AM

11. Another lie from the republican Draft-Dodger-in-Chief blown to smithereens

Republicans and their Tax-&-Draft-Dodging Genital Grabber should stop lying to honest American citizens. Now.

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread