Reddit says the stunt was pulled off by breaking into the user accounts that belong to subreddit moderators. The hacker claims the affected accounts had weak passwords, making them easy to guess.
A Pro-Trump hacker temporarily defaced dozens of forum pages on Reddit to promote the President’s reelection campaign.
On Friday, the hacker managed to change the background and profile pictures to numerous subreddits with images of Trump and his campaign slogan: “Make America Great Again!” In some cases, the culprit also posted a message, extolling the command-in-chief using some nonsensical language and Chinese Mandarin:
“Donald Trump (唐纳德·特朗普) is the best, greatest, premier of the peoples Republic of the United States of Ameria. [sic] Batman, was a billionaire. Do you know what Superman was too?”
However, the hack wasn’t due to a software vulnerability or corporate breach at the social media site. Reddit says the stunt was pulled off by breaking into the user accounts that belong to subreddit moderators. “We are working to lock down those accounts and restore impacted communities,” the company said in a statement.
The hacker responsible also took to Twitter to claim credit for the stunt, and said the affected accounts had weak passwords. “Their passwords are weak and leak so it was so fucking easy to take over them,” the culprit claimed. (Twitter has since shut down the person’s account.)
Reddit says that none of the compromised accounts had two-factor authentication enabled. The safeguard works on top of your normal login credential, and can prevent a hacker from breaking in if your password is successfully guessed.
As a result, Reddit is recommending moderators turn the two-factor authentication setting on. The company is also considering making the safeguard mandatory for all moderators to help prevent future vandalism.
Subreddits defaced include r/Space, r/NFL, r/Naruto, and r/Avengers, which have hundreds of thousands to millions of followers. However, many of the affected subreddits were quick to remove the Trump images. A full list of the impacted pages can be found here.
- Here’s a Bright Idea: Use a Lightbulb to Eavesdrop
- Trump Signs Order Banning US Transactions With TikTok, WeChat in 45 Days
- Intel Is Investigating a 20GB Leak of the Company’s Confidential Files
- How Security Research Can Get You Arrested
- More in Security