Vulnerabilities in US President Donald Trump’s 2020 campaign App exposed Twitter keys and secrets

0

United States President Donald Trump’s 2020 Presidential Campaign App leaked Twitter App keys and secrets, Google apps and maps keys and Branch.io keys

It’s June 2020 and the election jamboree in the United States has started picking up. The U.S. Presidential elections are to be held in 2020 and President Donald Trump is seeking a second term while Democrat candidate, Joe Biden is his challenger.

In the meantime, a team of researchers has found a security vulnerability in President Trump’s mobile campaign App for Android called Official Trump 2020 App. The research team led by Noam Rotem and Ran Locar from Website Planet found that the App revealed President Trump’s Twitter application keys and secrets, Google apps, and maps keys and Branch.io keys.

The researchers unpacked the Official Trump 2020 App and found that they could easily access the exposed keys and secrets. These keys and secrets if exploited could have given any potential hacker access to the app’s Twitter API and other parts of the app.

While the exposed keys allowed access to many parts of the app, we concluded in our investigation that user accounts remained inaccessible through this vulnerability. We did not attempt to access any user accounts on the app, as we felt the initial vulnerability was sufficient to alert the Trump campaign.

Website Planet blog post.

The researchers said if the exposed data was exploited, the potential hacker would need two additional keys to access accounts of Trump or any other user. “However, a malicious hacker could still use the keys to impersonate the app, and much worse,” the researchers said. “For example, using the branch.io keys, hackers could potentially access app user and usage data.”

The Website Planet team alerted President Trump’s campaign team who patched the App a few days later. It is not known whether anybody other than the researchers have could have accessed the exposed data earlier.

Share.

About Author

Hacker, coder, Jouno by night When a good man is hurt, all who would be called good must suffer with him

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments