Posts: 6,765 +61
TL;DR: A Dutch security researcher says that he accessed Donald Trump's Twitter account last week by guessing his password—"maga2020!" The White House has denied the claim, while Twitter says it has "no evidence" of a hack taking place.
Dutch newspaper de Volkskrant reports that the researcher, Victor Gevers, claims to have guessed Trump's password on the fifth attempt. This allowed him access to the president's direct messages, to post under his name, and make profile changes. Gevers said he was disappointed to find the account was not secured using two-factor authentication.
"I expected to be blocked after four failed attempts. Or at least would be asked to provide additional information," he told the publication.
Some of the passwords Gevers tried included "MakeAmericaGreatAgain" and "Maga2020" before attempting "maga2020!"
On the day the dutchman says the hijack took place, Trump's account tweeted an article from satirical news site Babylon Bee titled, "Twitter Shuts Down Entire Network To Slow Spread Of Negative Biden News." Dutch magazine Vrij Nederland, which also published a screenshot that Gevers says he took while accessing the account, suggests the tweet may have been sent by the researcher.
"I am not saying I did it. But what if I was the one to post the tweet? Then Trump will need to either admit to never having read the Babylon Bee article and posting this bullshit tweet, OR he will need to acknowledge that someone else posted the tweet."
Gevers says that he tried to alert Trump's campaign team and family, US agencies, and Twitter about the lack of security around the president's account but got no response. A day later, two-step verification was enabled on Trump's Twitter. Two days after that, the Secret Service reportedly got in touch to thank Gevers for highlighting the security issue.
Twitter, however, has denied any hack took place. "We've seen no evidence to corroborate this claim, including from the article published in the Netherlands today. We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government," said a company spokesperson.
The White House also denies Gevers' story. "This is absolutely not true but we don't comment on security procedures around the President's social media accounts," White House Deputy Press Secretary Judd Deere told Forbes.
Gevers says this is the second time in four years he's accessed Trump's Twitter. In 2016, working with two other researchers, he broke into the account by obtaining his password—"yourefired"—from the 2012 LinkedIn hack.
Back in July, the Twitter accounts of Barack Obama, Apple, Joe Biden, and more were hijacked for a crypto scam.