Hacker Implores Tweeter In Chief Trump To Secure His Vulnerable Twitter Account
President Donald Trump turned in his much-used Android phone for something more secure (likely a modified Blackberry or iPhone handset), but in case it has not been made clear to this point, he has no intention of giving up Twitter. Trump is the first United States president to tap into social media to the extent that he does. Doing so may have helped him win the election, though some feel it also presents a security threat. One hacker in particular has a message for Trump, and that is to lock down his Twitter account with tighter security.
The hacker goes by the moniker WauchulaGhost and claims he infiltrated 500 ISIS accounts on Twitter. After doing some poking around, WauchulaGhost determined that Trump, Vice President Mike Pence, and First Lady Melania Trump have all left themselves more vulnerable to being hacked on Twitter because of some basic security settings that are not enabled on their respective accounts.
Change your emails & Fix Settings. @FLOTUS
— WauchulaGhost (@WauchulaGhost) January 24, 2017
trumpmelania2017@gmail.com@PressSec
PressSec2017@gmail.com@DanScavino
dscavino@donaldtrump.com pic.twitter.com/YLD4edBoOn
Wauchula points out that it is rather easy for a hacker to figure out the email addresses of each presidential account by initiating a simple password reset. Doing so provides the hacker with a partial email, from which it isn't all that difficult to figure out the rest.
"Once the email is exposed there is a chance it can be compromised. That's the issue," Wauchula says.
All a hacker has to do is request a password reset with a user's Twitter handle to get a partial glimpse of the email associated with that account. Whether or not that is a big deal is debatable, though it can be avoided by enabling an optional security setting that requires providing personal information (such as a phone number) in order to request a password reset.
Wauchula says he has been very good at guessing emails of intended targets. Once he has that information, infiltrating the Twitter account is a matter of cracking the person's email, which there are a number of ways to do, phishing scams being the most popular.
As for Trump, Twitter doesn't comment on individual accounts but interestingly says that the White House Communications Agency manages security protocols and has in place added security that goes beyond two-factor identification.
"Once the email is exposed there is a chance it can be compromised. That's the issue," Wauchula says.
All a hacker has to do is request a password reset with a user's Twitter handle to get a partial glimpse of the email associated with that account. Whether or not that is a big deal is debatable, though it can be avoided by enabling an optional security setting that requires providing personal information (such as a phone number) in order to request a password reset.
Wauchula says he has been very good at guessing emails of intended targets. Once he has that information, infiltrating the Twitter account is a matter of cracking the person's email, which there are a number of ways to do, phishing scams being the most popular.
As for Trump, Twitter doesn't comment on individual accounts but interestingly says that the White House Communications Agency manages security protocols and has in place added security that goes beyond two-factor identification.
