Trump campaign website hacked in 'cryptocurrency scam'

US President Donald Trump at podiumReuters

The official website of US President Donald Trump has been hacked by an apparent cryptocurrency scam.

His re-election campaign team is investigating the security breach.

"The world has had enough of the fake news spreaded [sic] daily" by the US president, a message on www.donaldjtrump.com briefly displayed.

The campaign team said there was "no exposure to sensitive data because none of it is actually stored on the site". The website has now been restored.

Screenshots circulating online show the website briefly displayed a fake message, accompanied by the FBI and the US Department of Justice badges.

How can you spot "fake news"?

"It is time to allow the world to know the truth," the text on the website read.

"Multiple devices were compromised that gave full access to Trump and relatives."

The hackers also claimed to have proof that the US administration "is involved in the origin of the coronavirus" and interfering in the presidential election, which takes place on 3 November.

This Twitter post cannot be displayed in your browser. Please enable Javascript or try a different browser.View original content on Twitter
The BBC is not responsible for the content of external sites.
Skip twitter post by Nicole Perlroth

Allow Twitter content?

This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy and privacy policy before accepting. To view this content choose ‘accept and continue’.

The BBC is not responsible for the content of external sites.

The message then asked for cryptocurrency donations in exchange for access to this information.

There is no evidence to back these statements, and the Trump campaign denies any sensitive data was collected.

"The Trump campaign website was defaced and we are working with law enforcement authorities to investigate the source of the attack. There was no exposure to sensitive data because none of it is actually stored on the site," Trump campaign communications director Tim Murtaugh said in a statement to CNN.

Website defacements are a low level form of cyber-vandalism akin to someone trespassing on private land and writing a nasty message on a wall in spray paint.

The attack only lasted 30 minutes before the hackers were kicked out, so it's unlikely they would have gained much other than a target on their backs if they were silly enough to leave a trail.

What's more serious is the potential cyber-security failing on the part of the Trump campaign.

This embarrassing incident comes just a week after a Dutch ethical hacker claimed to have logged into the US president's Twitter account by guessing his password. This has yet to be verified.

There is no such thing as 100% secure when it comes to cyber-security, but in both these incidents it seems like basic steps might not have been taken.

Mr Trump has also been very critical of other people for failing cyber-security measures in the past.

During the 2016 election campaign, he criticised opponent Hillary Clinton when her emails were exposed in a hack.

Earlier this month, he ruffled feathers when he told supporters: "Nobody gets hacked. To get hacked you need somebody with 197 IQ and he needs about 15% of your password."

More on this story