Did a Security Researcher Really Access Trump’s Twitter Account? | by PCMag | PC Magazine | Oct, 2020
Dutch ethical hacker Victor Gevers claims to have gained access to Trump’s Twitter account after successfully guessing the password. Twitter says it has no evidence the account break-in actually occurred, though.
By Michael Kan
The security around President Trump’s Twitter account is grabbing headlines after a Dutch ethical hacker claims to have successfully broken in by using the password “maga2020!”
But both Twitter and the White House are casting doubt on the story, making it unclear if Trump’s account was truly secured with only a weak password.
The alleged break-in was done by Victor Gevers, a security researcher who’s uncovered vulnerabilities and unsecured databases before. He told Dutch newspaper De Volkskrant that he logged into the president’s account last Friday in order to test whether it was secure. And according to him, it wasn’t.
On his fifth attempt, he managed to break in by trying the combination “maga2020!” a reference to the “Make America Great Again” slogan Trump has been using on the campaign trail.
“I expected to be blocked after four failed attempts. Or at least would be asked to provide additional information,” Gevers told the publication. But he encountered no two-factor authentication in place or any other safeguards to check his identity.
Twitter is dismissing the report. “We’ve seen no evidence to corroborate this claim, including from the article published in the Netherlands today,” a company spokesperson said.
Indeed, Twitter should have logs capable of showing which devices and IP addresses have been connecting to the president’s account. However, the company’s statement indicates no suspicious activity was uncovered.
Twitter added: “We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government.”
A White House spokesperson also told The Independent that Gever’s accusations about the hijacking are “absolutely not true.”
Gevers claims to have taken screenshots of the account access, though. One screenshot was shared with TechCrunch; it shows Gevers with the apparent capability to edit…