Mikael Thalen Profile picture
Staff writer @dailydot covering tech & politics - mikael.thalen@dailydot.com - Signal: mikaelthalen.11

Oct 21, 2021, 9 tweets

NEW: I spoke with the hacker who discovered that Trump's new social media platform 'TRUTH Social' was openly accessible online.

Here's how they found it: dailydot.com/debug/hacker-t…

The hacker, who asked not to be identified but claimed affiliation with the hacking collective Anonymous, first noticed the name of the company behind TRUTH Social's app: T Media Tech LLC.

dailydot.com/debug/hacker-t…

The hacker then used Shodan, a search engine that finds servers exposed to the open web, to look for any domains linked to T Media Tech LLC.

dailydot.com/debug/hacker-t…

That's how the hacker was able to discover the domain mobile.tmediatech[.]io - which appeared to be running the mobile beta for TRUTH Social.

The site allowed anyone to sign up and register an account despite the official launch not being until next year. dailydot.com/debug/hacker-t…

News of the URL made its way soon after to @ThatNotoriousK, who was able to setup numerous accounts including one for QAnon guru Ron Watkins.

Numerous others were able to setup accounts as well.

One user was able to secure the handle @realdonaldjtrump and proceeded to share a meme of a defecating pig.

dailydot.com/debug/trump-tr…

Washington Post tech reporter @drewharwell was able to setup an account on TRUTH Social using the handle @mikepence.

I was able to setup an account with the handle @donaldtrump as well.

TRUTH Social eventually noticed the activity and blocked active users, disabled new signups, and eventually took the entire domain offline.

I emailed TRUTH Social to ask about the incident but did not receive a reply. dailydot.com/debug/hacker-t…

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling