Hackers Take Advantage of Pro-Trump Social Media Site ‘Gettr’, Steal Info From 90K Users
Hackers have reportedly obtained the email addresses and information of at least 90,000 Gettr users, contributing to an increasingly rocky start for the new pro-Trump social media platform that has already been marred by other hacks, memes, and pornographic images.
According to Vice News’ Motherboard, a hacker on Tuesday posted a database to an online hacking forum claiming to have scraped the information from the accounts of every Gettr user. The data, which was seen by Motherboard, includes email addresses, usernames, statuses, and locations.
Motherboard verified Tuesday that at least one of the emails posted to the hacking forum was in fact registered to Gettr. Additionally, the outlet confirmed additional emails in the database by attempting to set up Gettr accounts with those emails, and each time, the site said the email address was already connected with a Gettr account. It is not clear if the database included information from every user on the site. The hacked database was first flagged by Alon Gal, the co-founder and chief technology officer of the cybersecurity firm Hudson Rock.
Threat actors were able to take advantage of bad API implemented on Trump’s recent social media platform, Gettr (@GettrOfficial). This allowed them to extract usernames, names, bios, bdays, but most importantly, the emails which were supposed to be private, of over 85,000 users,” Gal tweeted Tuesday, along with images of the hacked information.
Among the hacked accounts were those of former Secretary of State Mike Pompeo, former senior White House advisor Steve Bannon, congresswoman Marjorie Taylor-Greene and the pro-Trump media platform Newsmax.
The hacker, who altered each account to show the message, “@JubaBaghdad was here 🙂 ^^ free palestine ^^,” later told Business Insider that he targeted the site “just for fun” and that it was “easy” to hack. Hackers also jammed the site with pornographic images and GIFs after the platform posted its first welcome message. Users spammed that post and others with graphic videos, Sonic the Hedgehog memes, and images of Hillary Clinton‘s face photoshopped onto the body of a naked woman.
In response to the July 4 hack, Miller, the CEO of Gettr, said the issue was quickly addressed.
Threat actors were able to take advantage of bad API implemented on Trump’s recent social media platform, Gettr (@GettrOfficial).
This allowed them to extract usernames, names, bios, bdays, but most importantly, the emails which were supposed to be private, of over 85,000 users. pic.twitter.com/NsKyz9zHmQ
— Alon Gal (Under the Breach) (@UnderTheBreach) July 6, 2021
