Trump social media site brought down by Iran hackers
Trump social media site brought down by Iran hackers
- Hours after the US airstrike on Iranian territory, Iranian-backed hackers took down US President Donald Trump’s social media platform.
- Users were struggling to access Truth Social in the early morning following the alleged hack.
- As the US continues to insert itself into the ongoing Iran-Israel conflict, the US government believes more cyberattacks could happen.
You're viewing a single thread.
Unclear from the article but, while a bit pedantic, this sounds more like it was potentially a DDoS attack rather than a proper "hack".
In an age where "willfully giving out your account password" is called hacking, here I'd call it tomato or tomato.
Social Engineering is hacking cmv.
No, because I agree.
There's usually an element of that with cracking passwords. Even if you just try and pick a good wordlist for a target you're already engaging in a way. The more you know about them the shorter the wordlist. And if you spend enough time getting to know shit about them you can reduce the wordlist to one entry because they told you the password. In a way. It's not necessarily a completely different process is my point.
You can argue it's a classic ID-10T error in your workflow.
But nobody has discovered a security vulnerability within the system architecture. This is the system operating as designed, abet with the wrong person standing in front of the terminal.
That's called a PICNIC - Problem In Chair Not In Computer.
PEBKAC
That's cracking, not hacking. If you're going to be pedantic, be correct.
However you want to phrase it, they're very different problems with different solutions.
"Someone picked the lock on my door and got into my house" is meaningfully distinct from "Someone stole my keys".
It was hacking according to Kevin Mitnick (RIP) so, it's probably safe to say that your view doesn't need to be changed.
313 Team is an Arabic-interest hacker collective, aligned with Iran, Palestine and Iraq, they reportedly used a distributed denial of service (DDoS) attack against Truth Social.
The article seems pretty clear to me. Maybe it was updated?
In order to launch a meaningful DDoS there must be thousands of compromised machines to use. I would absolutely say compromising such a large amount of machines is hacking.
A lot of DDOS attacks nowadays are from a DDOS for hire service.
So there could be hacking done, or just a bitcoin transfer.
These DDOS for hire services make use of hacked machines as botnets to perform the DDOS attacks.
So while the people paying for the service didn't hack anything, the people performing the DDOS certainly did.
Or they just found a buffer overflow bug on their border router/firewall. I can't imagine Truth Social has a keen network engineering team keeping up to patching and vulnerabilities.
Doesn’t Truth Social run a super old custom modded version of Lemmy? That thing must have a ton of vulnerabilities.
It uses Mastodon (ActivityPub disabled), and Soapbox-FE.
It's absolutely hacking those computer, just not the site. I just don't want to get overly excited for something that doesn't have much meat to it.