Who hacked Gettr? Donald Trump's social media site targetted ‘just for fun’
The pro-Palestinian hacker changed account names of top MAGA loyalists on 4th of July as conservatives flooded to Gettr
Gettr, a conservative social media platform founded by Jason Miller, is back in the news, only this time for its poor security. A pro-Palestinian hacker was able to gain access to top verified accounts, including that of Miller, Marjorie Taylor Greene, Matt Schlapp and Mike Pompeo, leaving behind a not-so-subtle message.
Gettr is one of the many social media apps vying for attention from conservatives, as mainstream platforms like Twitter and Facebook limit extremist views. Earlier, conservatives flooded to Parler, before the app was booted off Amazon's servers. It then made a comeback of sorts but continued to be plagued with issues. That opened the door for other platforms, but few have gained the kind of fame that Gettr has.
Because of their affinity with conservatives, these pro-Trump platforms have also become strong targets for hackers and trolls. In November 2020, Parler was hacked and a screenshot of its database went viral on Twitter. Now, it is Getter's turn. Gettr was hacked by an activist who goes by the name JubaBaghdad on Twitter and other platforms. Who is he? Here's what we know. Days ago, we reported on the murky links between the new pro-Trump platform Gettr and China.
Who is JubaBaghdad?
Based in Iraq, the hacker's real name is Sarmad Hassan. Profiles on HackerOne and BugReader indicate he is an ethical hacker, i.e. someone who finds vulnerabilities and reports them on major websites. He is also a known bounty hunter, who tracks down bugs and issues in exchange for cash. So far, he has found and reported issues with Apple, Facebook, Instagram, Occulus and Mozilla. Little else is known about Hassan, who usually maintains a low profile. His Twitter account is protected and he doesn't appear to have a Facebook or Instagram page. He does however have a Medium blog, where he chronicles the exploits he made and how he found them.
Hassan opened up about hacking Gettr in an interview with Insider. According to him, Gettr quickly fixed the vulnerability, but he was still able to scrape data such as email addresses and birth years even after the patch. When asked why he targeted Gettr, Hassan said, "just for fun". It reportedly took him just 20 minutes to break into the platform, leading him to call the effort "easy". He told Insider, "They should not publish the website before making sure everything, or at least almost everything, is secure."
Hassan hacked the Gettr accounts around 8:30 am EST on July 4 and changed the account names to "@JubaBaghdad was here :) ^^ free palestine ^^." He managed to break into Gettr's support page as well, and also Steve Bannon's account. By 10 am EST, the accounts were restored and Miller offered a positive spin on the tale. "You know you're shaking things up when they come after you. The problem was detected and sealed in a matter of minutes, and all the intruder was able to accomplish was to change a few user names. The situation has been rectified and we've already had more than half a million users sign up for our exciting new platform!"
The hacking adds to Miller's woes, who is busy fighting to keep Gettr as a conservative-only platform. When it was launched, users flooded Gettr with pornography, most of which is still up since the platform doesn't have a system to root out porn automatically.