Cryptocurrency scam said Trump involved in creating COVID and rigging election.
JON BRODKIN - 10/28/2020
Enlarge / President Trump's campaign website during its brief defacement.
President Trump's website last night was briefly defaced by hackers who pitched a cryptocurrency scam and claimed that Trump has "criminal involvement" with election manipulation and that his administration was involved in creating the coronavirus.
Donaldjtrump.com is back to normal now, seeking donations and urging Trump supporters to register to vote. The defacement reportedly lasted less than 30 minutes on Tuesday evening. Trump-campaign spokesperson Tim Murtaugh issued a statement saying the campaign is "working with law enforcement authorities to investigate the source of the attack. There was no exposure to sensitive data because none of it is actually stored on the site. The website has been restored."
The website during its defacement had Department of Justice and FBI logos above a typo-filled message that said:
this site was seized
The world has had enough of the fake-news spreaded daily by president donald j trump
it is time to allow the world to know truth.
multiple devices were compromised that gave full access to trump and relatives. most internal and secret conversations strictly classified information is exposed proving that the trump-gov is involved in the origin of the corona virus.
we have evidence that completely discredits mr trump as a president. proving his criminal involvement and cooperation with foreign actors manipulating the 2020 elections. the us citizens have no choice
Cryptocurrency scam
The message then asked people to vote, in a sense, by giving money in the form of monero, a cryptocurrency billed as a more private alternative to Bitcoin with "transactions [that] are confidential and untraceable." The Trump-website defacement said people can vote "yes, share the data" by giving to one monero address or "no, do not share the data" by giving to another.
"Today is the day—the whole world can decide if they want to know that truth or not. After the deadline we will compare the funds and execute the will of the world," the message said.
Journalist Gabriel Lorenzo Greschler captured screenshots and video of the website while it was defaced and shared them on Twitter:
"Though the defacement appeared to be part of a common cryptocurrency scam to get people to irreversibly donate money online, the incident took on added urgency one week before the election," The New York Times wrote. "Cybersecurity experts said that the incident could have been caused by tricking a website administrator into turning over their credentials, in what is known as a phishing attack, or by redirecting the campaign website to the hacker's own server. Intelligence agencies have been closely monitoring hacking groups, including teams backed by Iran and Russia, that have tried to break into election-related systems and have been involved in influence operations in recent weeks."
The message then asked people to vote, in a sense, by giving money in the form of monero, a cryptocurrency billed as a more private alternative to Bitcoin with "transactions [that] are confidential and untraceable." The Trump-website defacement said people can vote "yes, share the data" by giving to one monero address or "no, do not share the data" by giving to another.
"Today is the day—the whole world can decide if they want to know that truth or not. After the deadline we will compare the funds and execute the will of the world," the message said.
Journalist Gabriel Lorenzo Greschler captured screenshots and video of the website while it was defaced and shared them on Twitter:
"Though the defacement appeared to be part of a common cryptocurrency scam to get people to irreversibly donate money online, the incident took on added urgency one week before the election," The New York Times wrote. "Cybersecurity experts said that the incident could have been caused by tricking a website administrator into turning over their credentials, in what is known as a phishing attack, or by redirecting the campaign website to the hacker's own server. Intelligence agencies have been closely monitoring hacking groups, including teams backed by Iran and Russia, that have tried to break into election-related systems and have been involved in influence operations in recent weeks."
JON BRODKINJon is Ars Technica's senior IT reporter, covering the FCC and broadband, telecommunications, wireless technology, and more.