Gizmodo.com is being heavily criticized for a hacking prank that targeted the Trump administration.
Gizmodo’s website reads: “We love technology, we love gadgets, we love science, we love all kind of toys big and small.” They also dabble in other topics, such as politics.
Recently, the site decided to play a little game with members of the Trump administration. Using the name of a trusted source familiar to each target, they emailed an invitation to view a Google Docs spreadsheet.
The invitation was phony and it originated from a Gizmodo email address, but the sender’s name would be a familiar person, spouse or friend. If the recipient accepted the request, they were directed to what appeared to be a Google sign-in page. The recipient was then asked for their sign-in credentials.
According to Gizmodo, “Some of the Trump administration people completely ignored our email, the right move. But it appears that more than half the recipients clicked the link. Eight different unique devices visited the site, one of them multiple times.”
Although Gizmodo says it didn’t save any of the data it collected, such as passwords, the “test” is drawing criticism.
Jake Laperruque, a senior counsel for The Constitution Project, said Gizmodo’s test was “grossly irresponsible”.
Laperruque says the test reveals vulnerabilities, and it could also become the basis for a list of individuals who are susceptible to hacking. He fears the list could be used by someone with malicious intentions.
“I’m very worried that this will lead to efforts that list public figures that seem vulnerable to hacking,” Laperrugue said. “That would create serious cybersecurity risks and expose individuals to malicious hacks. Hopefully this activity will be condemned as seriously irresponsible and not repeated in the future on any scale.”
Gizmodo’s fake link went to 15 people. They included high-ranking members of the White House staff, like press secretary Sean Spicer and former FBI Director James Comey. They also sent it to senior adviser to the president Stephen Miller, deputy assistant to the president Sebastian Gorka, White House adviser Peter Thiel, White House cybersecurity adviser Rudy Giuliani, and informal adviser to the president Newt Gingrich.
Although they say they don’t know who clicked on the link, they did note that Comey and Gingrich appeared to have opened the emails, since both sent replies.
According to Gizmodo, Comey, apparently believing that he was writing to his friend, Lawfareblog.com editor-in-chief Ben Wittes, wrote: ‘Don’t want to open without care. What is it?’ As for Gingrich, he is said to have thought he was responding to an email from his wife, Callista. He wrote: ‘What is this?’
A true phishing scheme would have responded, but Gizmodo defends itself, saying it did not respond to Comey’s or Gingrich’s replys. They warn that in a real scheme, the victims of this hoax would have opened themselves up to more aggressive tactics.
If you would like to receive Breaking News text alerts on a smartphone or tablet, download the DML APP which is completely FREE and easy to use. Go to the Google Play Store or the IOS App Store and search for DML APP. Be sure to keep the app’s notifications setting on. Another way to receive alerts is to text to 40404 the following message: follow @realdennislynch (be sure to put a space between the word follow and the @ symbol).
To see more stories like this, sign up below for Dennis Michael Lynch’s email newsletter.
Sign up to get breaking news alerts from Dennis Michael Lynch.