Hackers hacked Trump's newly launched social media platform twice, exposing personal information of users

Jul 7, 2021 16:27 GMT  ·  By

Gettr, the new social media network was hacked not once, but twice. Apart from releasing customers' data online, hackers enjoyed themselves by flooding the platform with Sonic the Hedgehog-themed pornography and tampering with users' profiles, according to Threat Post

Gettr can be described as another Twitter alternative that focuses on posts regarding the current topics. The organization describes itself as "a non-bias social network for people all over the world."

When Gettr was first launched, cybersecurity professionals recognized that the APIs were poorly written and full of vulnerabilities. Ashkan Soltani, a security researcher, uncovered a flaw that allows a threat actor to launch a brute-force attack targeting the API by giving it a list of emails and receiving a response listing the ones muted or blacklisted.

One of the first blows against Trump's conservative-oriented network entailed the publishing of erotica featuring Sonic the Hedgehog over Independence Day weekend.  On top of that, hackers had a good time by spamming the platform's first post with fake graphic footage of Hillary Clinton's face superimposed onto a woman's naked body.

Hackers stole and exposed the personal information of around 90,000 users 

The next phase of the hack happened on the 4th of July, when numerous important users' profiles have been defaced. Alon Gal, a cybersecurity researcher at Hudson Rock, explained that the cybercriminals were able to exploit the insecure APIs implemented on Gettr.

A data set allegedly containing 90,000 users' status updates, location information, email addresses, usernames, and other data was released Tuesday as part of the hack's next step. According to Jason Miller, a senior adviser to Trump “The problem was detected and sealed in a matter of minutes, and all the intruder was able to accomplish was to change a few user names,”