Hackers possibly operating out of Russia reportedly managed to hijack at least 195 web addresses linked to Donald Trump, his family or business empire four years ago, long before he took office. Users who attempted to visit the compromised websites were redirected to servers in St. Petersburg, Russia, which security experts said contained malware to steal passwords or hold files for ransom, the Associated Press reported.
It is unclear who the hackers were, why they targeted these websites specifically or whether unsuspecting persons were compromised while visiting the Trump-linked sites.
Some of the affected domains included donaldtrump.org, donaldtrumpexecutiveoffice.com, donaldtrumprealty.com and barrontrump.com that were hijacked in August and September 2013.
The hackers managed to hijack the web addresses by accessing and altering their domain registration records at hosting site GoDaddy.com. Accounts at GoDaddy often fall prey to phishing attacks designed to trick users into divulging their login credentials and personal information.
GoDaddy spokesman Nick Fuller said the firm did not suffer any breaches of its system in 2013 and noted it has security measures to detect any potentially malicious activity.
The sites were reportedly infiltrated a few months before Trump traveled to Moscow for the Miss Universe pageant held on 9 November, 2013, AP reported. However, there is currently no evidence to suggest that server computers at the Trump Organization or any other Trump-linked entities were compromised in the attacks.
The impacted websites were corrected just days after the AP questioned the Trump Organization regarding the cyberattacks.
Many of the web addresses were not being used by the Trump Organization and its affiliates which own at least 3,300 sites in total, AP noted. Companies often buy a trove of web addresses to potentially use in the future or avoid having them used by any rivals or threat actors.
Security experts have often voiced serious concerns over the Trump Organization's cybersecurity practices, including the WiFi networks at Mar-a-Lago and other Trump properties that were found with weak or absent security settings.
"This is beyond me," said Paul Vixie, CEO of Farsight Security told the AP. "I have simply never seen a benefit accrue from an attack of this kind. I'm at loss, unless it's a demonstration of capabilities. There's no way something like this could go by in the Bloomberg empire without this being seen."
The revelation comes as the White House faces intense scrutiny amid the ongoing probes into Russian meddling in the 2016 election and possible ties between Trump's team and the Kremlin. The Kremlin has continued to vehemently deny any involvement in the DNC hack or interference in the election. Trump has repeatedly denied any collusion and described the ongoing probes as a "witch hunt."
Last week, special counsel Robert Mueller filed the first charges against Trump's former campaign manager Paul Manafort, associate Richard Gates and former Trump campaign aide George Papadopoulos. NBC reported that Mueller has enough evidence to charge Trump's former national security adviser Michael Flynn and his son as well.