At least 195 websites belonging to U.S. President Donald Trump, his family, or businesses he is involved with were victims of DNS hijacking in 2013, with the last of them repaired only last week, the Associated Press (AP) reported Saturday.
The Trump Organization denied the domain names were compromised, AP reports, but records reviewed by AP and cybersecurity experts reportedly show that the domains redirected website visitors to servers in St. Petersburg, Russia, containing malware. Affected domains were repaired within days of AP contacting the Trump Organization about the hacks.
The connection to Russia raises the spectre of alleged Russian hacking activities during the U.S. Presidential campaign.
The affected domain names, which were attacked in two waves in August and September 2013, include donaldtrump.org, donaldtrumpexecutiveoffice.com, donaldtrumprealty.com and barrontrump.com. The Trump Organization and its affiliates own at least 3,300 domain names, many of which are not in use, including some of those hacked.
At least 250 "shadow" subdomains were created by hackers, Mother Jones reports. IP addresses associated with the subdomains are also associated with an IP address for one or more domains previously used to deploy an exploit kit. The servers were hosted by the Petersburg Internet Network, which has drawn criticism for hosting malicious actors.
"If Cogent started blocking routes from the Petersburg Internet Network Ltd. (AS44050) until they clean up their act, it might save