GOP senator alleges password-hijack attempts after blasting WikiLeaks founder
Sen. Ben Sasse (R-Neb.) Saturday claimed that hackers were trying to gain access to his personal and government-issued devices through bogus password-reset notifications.
In a short flurry of Twitter messages, Sasse blamed the hacking attempts on his criticism of WikiLeaks and its founder, Julian Assange, earlier in the week.
“Heads-up…I’ve been critical of Assange & WikiLeaks this week. So…big surprise: Am having multiple ‘password reset’ attempts right now,” Sasse tweeted Saturday. The probing was hitting “basically every device, every platform, personal and govt,” he added in a follow-up tweet.
Sasse did not elaborate on the exact nature of the password-reset messages he said he’d seen, such as whether they were limited to a single app — Twitter, for instance — and how they had been sent.
Sasse was not the only federal lawmaker to make the claim about reset requests. “Getting a lot of ‘password reset’ requests. Must be angering the hacker/WikiLeaks crowd by calling out Trump/Russia ties,” tweeted Rep. Seth Moulton (D-Mass.) Sunday.
Most attacks featuring password-reset requests rely on email. The messages purport to be from a service’s support team. The links embedded in such notifications direct users to bogus sites, which harvest the credentials as they’re entered. Security experts have urged users for decades to ignore the links within emails like these, and instead steer their browser directly to a service’s legitimate password reset function.
Confusing that advice, however, have been the seemingly endless parade of service breaches, and the ensuing large-scale forced password resets those services then demand of their users.
As Sasse noted in his weekend tweets, he was critical of Assange after the secret-spilling WikiLeaks released a trove of CIA documents that alleged the agency could hack smartphones, personal computers, routers and other digital devices worldwide.
In a Thursday statement, Sasse — who chairs the Senate Judiciary Committee’s Subcommittee on Oversight — said, “Assange should spend the rest of his life wearing an orange jumpsuit” and called the Australian “an enemy of the American people and an ally to Vladimir Putin.”
Assange in 2012 took refuge in the London embassy of Ecuador to stymie extradition to Sweden, where he was wanted for questioning on sexual assault allegations. He held a press conference Thursday during which he pledged to provide technology firms like Apple, Google and Microsoft with technical information on the software vulnerabilities the CIA supposedly used to compromise devices. The vendors could then use that information to patch the flaws.
This story, “GOP senator alleges password-hijack attempts after blasting WikiLeaks founder” was originally published by Computerworld.