Donald Trump looking into camera.

https://en.wikipedia.org/wiki/Donald_Trump#/media/File:Donald_Trump_official_portrait.jpg (Public Domain)

Here’s how a hacker was able to blow up Trump’s new free speech site

Truth Social was flooded with impersonation accounts despite not being officially launched.

 

Mikael Thalen

Tech

Published Oct 21, 2021   Updated Oct 22, 2021, 7:04 am CDT

A hacker on Wednesday discovered that former President Donald Trump’s newly-announced social media platform “Truth Social” was publicly accessible online despite the official launch not set to take place until next year.

After Trump revealed in a press release his intentions to take on tech giants such as Facebook and Twitter with an uncensorable social network, a hacker, who asked not to be identified but claimed affiliation with the hacking collective Anonymous, began researching Truth Social’s corporate structure.

The social media network, which will be launched through a new company called Trump Media and Technology Group, aims to “create a rival to the liberal media consortium and fight back against the Big Tech companies of Silicon Valley, which have used their unilateral power to silence opposing voices in America.”

Truth Social’s website currently allows users to sign up for a waiting list and also advertises an iPhone app, produced by a company known as “T Media Tech LLC,” that is available for preorder.

Armed with the app developer’s name, the hacker told the Daily Dot that they were able to utilize Shodan, a search engine that locates servers exposed to the open internet, to track down the company’s digital footprint.

The hacker was able to locate numerous web domains as a result, including one that appeared to be running the mobile beta for Truth Social.

News of the public website quickly spread across social media after making its way to Canadian hacker Aubrey “Kirtaner” Cottle, who was able to set up faux accounts for numerous high-profile individuals such as QAnon guru Ron Watkins.

https://twitter.com/ThatNotoriousK/status/1450996235075268612?s=20

Given that the mobile beta was not yet intended for public use, handles such as @realdonaldjtrump and @mikepence were openly available.

The Daily Dot was able to secure the account for @donaldtrump, uploading the profile image and banner previously used by Trump on Twitter to showcase the lack of verification protocols.

Truth Social appeared to notice the activity and began not only restricting access to the users who had signed up but blocking others from registering accounts as well.

“You can no longer use your account, and your profile and other data are no longer accessible,” a notice on the website said. “You can still login to request a backup of your data until the data is fully removed, but we will retain some data to prevent you from evading the suspension.”

The entire domain running the mobile beta was taken offline entirely shortly after.

The incident is just one of several embarrassments that have befallen the social media venture in the last several hours.

Analysis of Truth Social’s terms of service also revealed that users are barred from everything from using capital letters excessively to making fun of the website itself.’

Share this article
*First Published: Oct 21, 2021, 11:15 am CDT