Hackers Take Advantage of Pro-Trump Social Media Site 'Gettr', Steal Info From 90K Users

Hackers have reportedly obtained the email addresses and information of at least 90,000 Gettr users, contributing to an increasingly rocky start for the new pro-Trump social media platform that has already been marred by other hacks, memes, and pornographic images.

According to Vice News' Motherboard, a hacker on Tuesday posted a database to an online hacking forum claiming to have scraped the information from the accounts of every Gettr user. The data, which was seen by Motherboard, includes email addresses, usernames, statuses, and locations.

Motherboard verified Tuesday that at least one of the emails posted to the hacking forum was in fact registered to Gettr. Additionally, the outlet confirmed additional emails in the database by attempting to set up Gettr accounts with those emails, and each time, the site said the email address was already connected with a Gettr account.

It is not clear if the database included information from every user on the site. The hacked database was first flagged by Alon Gal, the co-founder and chief technology officer of the cybersecurity firm Hudson Rock.

"Threat actors were able to take advantage of bad API implemented on Trump's recent social media platform, Gettr (@GettrOfficial). This allowed them to extract usernames, names, bios, bdays, but most importantly, the emails which were supposed to be private, of over 85,000 users," Gal tweeted Tuesday, along with images of the hacked information.

Newsweek contacted Gettr for comment on the reported hack but did not hear back in time for publication.

Tuesday's report comes after Gettr got off to an already rocky start during its official launch on July 4. The Twitter-style service launched on Sunday as an anti-censorship platform for conservative voices, led by former senior Trump advisor Jason Miller.

But the social media platform came under attack that day after a hacker briefly compromised the accounts of its most popular verified users, including several former Trump aides.

Among the hacked accounts were those of former Secretary of State Mike Pompeo, former senior White House advisor Steve Bannon, congresswoman Marjorie Taylor-Greene and the pro-Trump media platform Newsmax.

The hacker, who altered each account to show the message, "@JubaBaghdad was here :) ^^ free palestine ^^," later told Business Insider that he targeted the site "just for fun" and that it was "easy" to hack.

Hackers also jammed the site with pornographic images and GIFs after the platform posted its first welcome message. Users spammed that post and others with graphic videos, Sonic the Hedgehog memes, and images of Hillary Clinton's face photoshopped onto the body of a naked woman.

In response to the July 4 hack, Miller, the CEO of Gettr, said the issue was quickly addressed.

"You know you're shaking things up when they come after you. The problem was detected and sealed in a matter of minutes, and all the intruder was able to accomplish was to change a few user names," Miller said in a statement.

Nonetheless, on the day of its official launch, Ashkan Soltani, a security and privacy researcher and former FTC chief technologist, told Motherboard that Gettr's Application Programming Interface (API) had several bugs that made it an easy target.

"This app looks like a dumpster fire that was coded from the lavatory of Donald Trump," Soltani told Motherboard. "It literally took me longer to copy the screenshot images off of my test phone than it did to find the actual bug."

Gettr describes itself as a "marketplace for ideas" and is set up to include trending topics, verified users and the ability to share and like posts much like Twitter.

The app is being led by several people with ties to Trump, including Miller and former Trump communication's director, Tim Murtaugh, but the former president has yet to create an account himself.

Trump was permanently banned from Twitter and remains suspended by Facebook until at least 2023, and by YouTube until the company determines that his content no longer poses a safety threat.