There’s an extraordinary story in the security world today.
In fact, it’s so extraordinary that I’m also inclined to believe that it cannot possibly be true. But then, this is 2020… and I’m losing all sense of reality, so maybe it is true.
According to Dutch magazine Vrij Nederland (VN), in 2016 three ethical hackers known only as Edwin, Mattijs and Victor, scoured through the password database that had leaked out of LinkedIn a few years before.
In it, they found a hashed password that appeared to belong to one [email protected]. And having managed to extract the password from the hash, they attempted to see if it would unlock the then US Presidential candidate’s Twitter account.
Here’s what happened according to Vrij Nederland, courtesy of Google Translate:
With the program John the Ripper – a tool that hackers use to crack hashes – Mattijs retrieved the password in less than a second: yourefired
Before anyone could say anything, Edwin was tapping.The password was accepted, as an extra verification step an e-mail address had to be entered.But that address was wrong.
Edwin nearly fell off his chair. This meant that Trump had not changed his password after the 2013 ‘hack’.
When the three men entered the correct email address for the account ([email protected]) they were – fortunately – blocked from accessing the account. But only because Twitter noticed they were trying to log in from Europe, and Trump himself had lost logged in from New York.
Sign up to our newsletterSecurity news, advice, and tips.
Support the originator by clicking the read the rest link below.
