A security researcher and so-called ethical hacker in the Netherlands claimed that he hacked the Twitter account of President Donald Trump by guessing his password, according to a report from Dutch magazine Vrij Nederland. The hacker, Victor Gevers, who founded the internet security advocacy group GDI.Foundation, said he was checking on the security of Trump’s account – something he does almost nightly to persons he believes may be an target in need of online protection – and claims he was able to access the president’s account, guessing the password on his sixth attempt. The White House has denied that Gevers was ever in control of Trump’s account, while Twitter said it has seen “no evidence” to corroborate the claim.
According to Gevers, on Friday Oct. 16, after running a check on several accounts belonging to Hunter Biden, he decided to check the president’s safety status, but “much to his surprise” he purportedly found the two-factor authentication security feature disabled. According to this account, he then attempted a series of passwords: !IWillAmericaGreatAgain!, MakeAmericaGreatAgain, MakeAmericaGreatAgain!, Maga2020, Maga2020!. After all five passwords were rejected, Gevers said he tried “maga2020!,” and a second later he claimed he was in control of the account belonging to the most powerful man in the world.
At the moment, there is no substantive evidence confirming the veracity of Gevers’ claims, though he supposedly took screenshots.
"The researcher, Victor Gevers, had access to Trump’s personal messages, could post tweets in his name and change his profile. Gevers took screenshots when he had access to Trump’s account… Dutch security experts find Gevers’ claim credible." https://t.co/jl10soChhX
— Justin Hendrix (@justinhendrix) October 22, 2020
Though not explicitly admitting to any specific action, Gevers suggested that he, not the president, was responsible for Trump’s account posting a tweet that appeared to take a satirical Babylon Bee news article seriously.
Twitter Shuts Down Entire Network To Slow Spread Of Negative Biden News https://t.co/JPmjOrKPcr via @TheBabylonBee Wow, this has never been done in history. This includes his really bad interview last night. Why is Twitter doing this. Bringing more attention to Sleepy Joe & Big T
— Donald J. Trump (@realDonaldTrump) October 16, 2020
“I am not saying I did it. But what if I was the one to post the tweet? Then Trump will need to either admit to never having read the Babylon Bee article and posting this bullshit tweet, OR he will need to acknowledge that someone else posted the tweet,” Gevers told Vrij Nederland.
The Dutch hacker also told the magazine that his actions were only in pursuit of spreading awareness about online safety.
“All I care about is more awareness of the fact that Two-Factor-Authentication should be mandatory for everyone,” he said. “Passwords are the Achilles heel of the internet. This needs to be resolved – fast – because even the President of the United States of America is no longer safe.”
The White House categorically denied on Tuesday that there was any truth to Gevers’ story, however.
“This is absolutely not true,” said White House Deputy Press Secretary Judd Deere, “but we don’t comment on security procedures around the President’s social media accounts.”
White House Deputy Press Secretary Judd Deere denies this happened: "This is absolutely not true but we don’t comment on security procedures around the President’s social media accounts." cc @0xDUDE https://t.co/xz0ov4jSjY
— Matt Shuham (@mattshuham) October 22, 2020
Additionally, a Twitter spokesperson told the Daily Beast there it had seen “no evidence to corroborate” Gevers’s claim.
“We’ve seen no evidence to corroborate this claim, including from the article published in the Netherlands today,” the social media platform said in a statement. “We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government.”
Twitter spox cont.: "We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government." (2/2)
— Lachlan Markay (@lachlan) October 22, 2020
[image via Alex Wong/Getty Images]
Have a tip we should know? [email protected]