InfoSecBulletin Cybersecurity for mankind
Donald Trump Jr.’s account on X (formerly known as Twitter) was hacked after it started sharing strange and erratic posts, according to a spokesperson for former President Donald Trump.
WhatsApp banned on all US House of Representatives devices
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Andrew Surabian posted on X stating that Don’s account had been hacked. He further clarified that the recent post asserting the death of the former president was clearly fabricated and lacked any truth.
Not only did the compromised account spread false information about the passing of the elder Trump, but it also falsely stated that Trump Jr. would be running for president. Within minutes, the post had been reshared more than 1,000 times on X and viewed hundreds of thousands of times.
There was another threat made towards North Korea on a post. There was also a pinned post on the account’s profile that insulted President Joe Biden using a racist term.
Donald Trump himself took to Twitter to refute the false tweets, asserting that he was very much alive.
The incident raises new questions about the role of X in protecting user accounts, especially those of important political figures, as the platform gets ready for the 2024 elections.
X announced in August that it is significantly expanding its safety and election teams. This decision follows a series of mass layoffs last year, which resulted in over 80% reduction in the company’s overall workforce, as revealed by its owner, Elon Musk.
It’s unclear if the compromise allowed unauthorized access to Trump Jr.’s private messages or if he had two-factor authentication on his account.
The Federal Trade Commission is investigating whether X has properly protected user privacy. They are also looking into whether X violated its 2011 commitments to secure the platform. Following a whistleblower disclosure by Peiter “Mudge” Zatko, the former security chief of the company, an investigation was initiated. The disclosure, which was first reported by CNN and The Washington Post last year, brought attention to numerous security vulnerabilities that had been overlooked and left unattended.
Source:
CNBC. CNN. Euronews
