According to Edwin, Mattijs and Victor, there was no harm when they hacked into Donald Trumps Twitter account in 2016. The Dutch hackers didnt even think it would work, says Vrij Nederland-journalist Gerard Janssen in the CCeit on 3 Tech Podcast.
Janssen interviewed the three of them about their act. Vrij Nederland today published a timeline of the hack and aftermath. The three hackers have provided screenshots that seem to support their story.
“These are not people who tell a story for fun. Ive seen the e-mail exchanges and their way of working,” says Janssen. “And theyre very highly regarded in the hacker community
The published screenshots show that the grumpy old hackers, a collective of which the three are members, report the hack to Trump and the American government. The Dutch had entered the account of the then presidential candidate just before the elections, on 27 October 2016.
They had retrieved the password from a LinkedIn database with 117 million usernames and passwords. It also contained details of the prominent Republican. The password yourefired, frequently used by Trump in his TV show The Apprentice, also proved to work on his Twitter account.
“They were shocked when they succeeded,” says Janssen. “The Dutch knew they were potentially in trouble, because it could be interpreted as a cyber attack on a presidential candidate The three of them had made the login attempt, as it were, out of the blue, they told the journalist, just to see if it was possible.
Edwin, Mattijs and Victor decided to record the hack as well and in as much detail as possible, so that they could later prove that they had no malicious intent. The hackers claim that they did not read or click on any confidential information. Nor were any tweets sent on behalf of Trump.
Janssen: “They think its a good example of responsible disclosure. If, for example, an agent sees a garage door open, it shouldnt matter who that door belongs to. Then he just reports it”, the journalist explains the position of the hackers.
In the end, the hackers never got a reaction from Trump. From the National Cyber Security Centre (NCSC) they received a message on 2 November, according to the screenshots provided. The American government agency US Cert is said to have picked up the message. “Thank you for contacting us”, the NCSC wrote back to the hackers.
The first time the three went back to America, for a big hacker conference in Las Vegas in 2017, it was scary. But so far they have had no problems.
Gerard Janssen tracked down the story at a similar congress. According to him, the grumpy hackers were at first very reluctant, but in the end they wanted to tell their story.
“How are they doing now? Good, I think, theyre terribly busy.” The Dutch have been working in the information security world for years. “A few of them are hired by banks and large companies. In order to gain access in every possible way and to demonstrate vulnerabilities”