Dutch Researcher Allegedly Hacks Trump’s Twitter For The Second Time

A dark web file, the secret surface and the same weak password.


Noah MacAulay, Writer

        In October of 2016 three hackers broke into Donald Trumps Twitter account not knowing that one of them would try again and succeed four years later. 

        Following a 2016 Brucon Hacker conference in the Netherlands, three Dutch hackers went back to their hotel room and accessed a newly published dark web file from 2012 contacting 117 million LinkedIn passwords and usernames. They then searched for a single name, Donald Trump, they then used the password and email associated with his account and put it into a Twitter login page. Twitter then asked for email verification something you must do when signing in from a new device, however, this meant that the password was correct. The hackers were startled seeing that a presidential candidate (because this is taking place in October 2016) reused the same password for multiple very important social media accounts and had not changed his reused password after the LinkedIn hack was made public in 2013. They then had a moment of pure panic, this was a very sought-after social media account and Twitter databases will now know that someone had tried to log in to Donald Trumps Twitter with the correct password. If anyone else looks at the dark web file and logs into Trump’s Twitter something the hackers had found would not be that hard and caused any sort of mayhem they would be blamed. Now you might be wondering, why would these hackers care who got blamed, because these hackers are white hat also called ethical hackers who act like hackers and exposes digital weakness then report it to the proper authorities so it may be fixed before actual malicious groups can exploit that same weakness. If they were to be blamed for a “cyber attack” (Ruining someone’s reputation or causing mayhem regarding them online) on a presidential candidate they would not only be in serious legal trouble but the reputation of white hat hackers and their ‘guild’ (larger group) would be forever damaged. Now they had to access Trump’s account to prove they had not done anything malicious once they were in, removing any potential blame. After around an hour of database farming, they had found lots of emails Trump allegedly used and then they tried each one finally finding ‘[email protected]’ and it matched, however, this did not mean they were in but rather Twitter had detected that this login was being made from the Netherlands a far different place from New York Trumps most recent login location so they were locked out. After briefly pausing and then activating a VPN (something that can change your digital location) they were into his account.  They then sent screenshots proving they wherein Trump’s Twitter to Donald Trump himself and Homeland’s computer security team telling them of the glaring hole in their digital defenses. The hackers then called it a day, each extremely fearful of enemies they had made such as a potential president and perhaps every U.S law enforcer.


        The aforementioned (previously talked about) hackers have said they would not have done what they did if they knew the fear that would follow. So why, would a member of their team decide to try again when they already had a ‘strike’. It seems that even Victor Geves, The hacker who tried again did not even know himself but he hinted towards trying again due to the major Twitter password leak in July to see if the President had taken his security more seriously. The researcher then tried to log in to Trump’s Twitter simply by guessing his password using the same information he had in 2016. The researcher on his fifth attempt of simply guessing had logged in, using the password “MAGA2020!” (MAGA stands for Make America Great Again Trumps commonly used campaign slogan). Then suddenly the researcher was in, again. Geves expressed his surprise that after four failed password attempts he was still allowed to try and login into an account and was even more surprised that after his 2016 antics Trump had not enabled two-step verification (A random code is sent to the Users phone which is infinitely harder/ near impossible to hack) making accounts much more secure. He then messaged Trump’s acquaintances and multiple security agencies such as the FBI and CIA through Trump’s own Twitter to prove his claim but received no response. Geves later went on to say that a day later two-step verification had been enabled. The following day the secret service allegedly got in touch with Geves and thanked him for finding the security flaw.


        Twitter vigorously denies Geves claim saying that they “had no evidence to support Geves claim” and that they “We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government” There has been much speculation to the Truth of Geves claims however Dutch technology security experts say that the claims are credible. Due to the fact that Twitter denies these claims they must be taken with a grain of salt however many Dutch security experts agreed with Geves claim and each party has their own reason for doing so, therefore, verification of Geves claim may never fully surface.


        These security hacks show that in the age we live in we can’t have our only form of security being people with guns surrounding the president but rather digital security as well, given how important online information is for example in April of 2013 a fake associated press tweet said the white house had been attacked and Obama was injured and the stock market promptly sank showing just the difference a single false tweet could make now imagine the presidents twitter controlled by a malicious group. It could cause untold havoc and the only thing stopping that is the phrase “MAGA2020!”. This story really shows us that everybody, not only high profile people are digitally vulnerable and nowadays, that matters so we can all do a better job.

Paragraph 2 (source censored)

Paragraph 3

Paragraph 3&4

Paragraph 4

Paragraph 5