One week before the election, U.S. President Donald Trump’s re-election campaign website was briefly hacked on Tuesday evening, displaying a Monero cryptocurrency scam.
The hacked page directed visitors to send the Monero cryptocurrency to vote on whether or not the hackers should reveal alleged sensitive data proving their claims that Trump was involved in various conspiracies. The hacked page was displayed in the “About” section of Trump’s campaign website, which posted an image that made it appear as if the FBI had seized the site.
As The New York Times reports, “This site was seized,” the fake FBI notice read, before claiming without proof to have gained access to Trump’s private communications containing evidence of wrongdoing. Two cryptocurrency wallet addresses were then listed, asking visitors to send funds and vote on whether the “hacked” documents should be released.
In a statement posted on Twitter, the Trump campaign’s communications director Tim Murtaugh confirmed the defacement. He said “there was no exposure to sensitive data because none of it is actually stored on the site” and that the organization was “working with law enforcement authorities to investigate the source of the attack.” TechCrunch reports that the website’s original content was restored “within a few minutes.”
According to The New York Times, journalist Gabriel Lorenzo Greschler was among the first to spot the hack and post screenshots of it to Twitter.
— Gabriel Lorenzo Greschler (@ggreschler) October 27, 2020
The notice posted on the site, written in broken English, claimed to have proof that the Trump government was involved in the origins of the pandemic, and that Trump has been involved with “foreign actors manipulating the 2020 elections.”
It provided two Monero wallet addresses for visitors to send money to, allowing them to effectively vote on whether the hackers should release the incriminating evidence. One wallet was labeled with “Yes, share the data” and the other “No, do not share the data.”
A note on the website referenced a “deadline” after which the amount of funds in the two addresses would be compared, but provided no information on when the deadline is. It also showed a PGP encryption key which TechCrunch notes corresponds to an email address at planet.gov, a website that doesn’t exist. It’s unknown who hacked the website, but authorities are currently investigating the cyber breach.
The United States Internal Revenue Service (IRS) previously announced a bounty of up to $625,000 to anyone who can crack Monero’s privacy encryption. Monero is said to be untraceable, focusing on privacy and obfuscating transactions between individuals. This marks a shift from hacks in the past that have relied on Bitcoin, which, unlike Monero, is a public ledger, or one that is more easily tracked.
The IRS previously stated that Monero (XMR) is being used for all future ransom demands and transactions by the ransomware group Sodinokibi due to its “privacy concerns.”
“Currently, there are limited investigative resources for tracing transactions involving privacy cryptocurrency coins such as Monero or other off-chain transactions that provide privacy to illicit actors,” the IRS wrote.
Trump’s campaign website is back online after it was partially hacked on Tuesday evening. The Trump campaign said no sensitive data was obtained in the hack. “There was no exposure to sensitive data because none of it is actually stored on the site,” tweeted communications director Tim Murtaugh.